I have several zero byte folders along with an exe that just comes back when erased. Going to Safe Mode does not help.
The folder is in appdata and its called "PWBVLXT". It is a zero byte folder and I cannot delete it. I have tried to change permissions and a bunch of other stuff but got nowhere.
Also in task manager there appears multiples of a running app called "VLAKJ" I can end the process but they keep coming back. When I go to where the process lives, I encounter a exe named PATAKI.EXE Again there is no way I can access any of these folders/files. If some will delete, they just keep coming back. I cannot find any reference in Google to any of the names.
The offending files are also hanging up Microsoft Security Essentials and Malwarebytes premium. Malwarebytes Anti Exploit finds nothing.
Virus is also preventing the running of many of your virus checkers. It also PLAYS MUSIC when Firefox is started!
Followed the instructions for my first e-mail and here are the results of "frst64".
Hope you can help.
Thank you.
Menkaure
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2018
Ran by Gpa-Jim (administrator) on GPA-JIM-PC (18-04-2018 13:40:44)
Running from C:\Users\Gpa-Jim\Desktop
Loaded Profiles: Gpa-Jim (Available Profiles: Gpa-Jim & DefaultAppPool)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(TOSHIBA CORPORATION) C:\Windows\System32\sbczmixsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AsRoutineController.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
() C:\Program Files (x86)\Photodex\ProShow Producer\scsiaccess.exe
(TechSmith Corporation) C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 13\SnagPriv.exe
() C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 13\SnagitEditor.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TotalAV) C:\Program Files (x86)\TotalAV\SecurityService.exe
() C:\Users\Gpa-Jim\AppData\Local\Pataki.exe
() C:\Users\Gpa-Jim\AppData\Local\Pataki.exe
() C:\Users\Gpa-Jim\AppData\Local\Pataki.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\wpscloudsvr.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\wpscenter.exe
(Farbar) C:\Users\Gpa-Jim\Desktop\FRST64(1).exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKLM\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 1
HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\MountPoints2: {d2e64b42-9965-11e4-b404-806e6f6e6963} - F:\SETUP.EXE
HKU\S-1-5-21-3207529590-585244797-2999148210-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [242688 2010-11-20] (Microsoft Corporation)
BootExecute: autocheck autochk *
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{F5C62263-7257-490B-882D-AC8310E18FB3}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3207529590-585244797-2999148210-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3207529590-585244797-2999148210-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://my.yahoo.com/
SearchScopes: HKLM-x32 -> DefaultScope {20B9D1AE-AD1A-38B4-87FE-AF278DA9861D} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-13] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-13] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-05-13] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-13] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - No File
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2016-04-27] (Google Inc.)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - No File
Toolbar: HKU\S-1-5-21-3207529590-585244797-2999148210-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2016-04-27] (Google Inc.)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-12-10] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-12-10] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2015-12-10] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2015-12-10] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: et64nsk8.default-1495400748088
FF ProfilePath: C:\Users\Gpa-Jim\AppData\Roaming\Mozilla\Firefox\Profiles\c7a8r5jc.default-1476925282148 [not found] <==== ATTENTION
FF DefaultProfile: [email protected]
FF ProfilePath: C:\Users\Gpa-Jim\AppData\Roaming\Mozilla\Firefox\Profiles\et64nsk8.default-1495400748088 [2018-04-18]
FF Homepage: Mozilla\Firefox\Profiles\et64nsk8.default-1495400748088 -> hxxps://my.yahoo.com/
FF Extension: (All Aboard) - C:\Users\Gpa-Jim\AppData\Roaming\Mozilla\Firefox\Profiles\et64nsk8.default-1495400748088\Extensions\@all-aboard-v1-2.xpi [2017-05-21] [Legacy]
FF Extension: (Browser Safety) - C:\Users\Gpa-Jim\AppData\Roaming\Mozilla\Firefox\Profiles\et64nsk8.default-1495400748088\Extensions\[email protected] [2018-04-16]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\Gpa-Jim\AppData\Roaming\Mozilla\Firefox\Profiles\et64nsk8.default-1495400748088\features\{03318a52-2784-4d18-a0b9-088ba2f9b916}\[email protected] [2018-04-03] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_29_0_0_140.dll [2018-04-10] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-13] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2018-02-14] (Adobe Systems)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_140.dll [2018-04-10] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-13] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2015-08-28] (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-05] (NVIDIA Corporation)
FF Plugin-x32: @photodex.com/PhotodexPresenter -> C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll [2016-07-24] ( )
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2018-02-14] (Adobe Systems)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
FF Plugin HKU\S-1-5-21-3207529590-585244797-2999148210-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-24] (Wacom)
Chrome:
=======
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default [2018-04-17]
CHR Extension: (Google Slides) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-04-17]
CHR Extension: (Google Docs) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-04-17]
CHR Extension: (Google Drive) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-04-17]
CHR Extension: (YouTube) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-04-17]
CHR Extension: (Solitaire) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpebaehgfgkcmmjjknibibbjacnplim [2017-04-17]
CHR Extension: (Google News) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc [2017-04-17]
CHR Extension: (Kaspersky Protection) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2017-04-17]
CHR Extension: (Torrent Turbo Search App) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif [2017-04-17]
CHR Extension: (Adobe Acrobat) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-04-17]
CHR Extension: (Google Sheets) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-04-17]
CHR Extension: (Google Docs Offline) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-04-17]
CHR Extension: (Cut the Rope) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkddaofiamhgfjmaccfcfpfolpgbeomj [2017-04-17]
CHR Extension: (Free Texas Holdem Poker) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpefcbpnjnanfacddfaaommfheilhkdb [2017-04-17]
CHR Extension: (Google Maps) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-04-17]
CHR Extension: (Into The Mist) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2017-04-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-17]
CHR Extension: (Gmail) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-04-17]
CHR Extension: (Chrome Media Router) - C:\Users\Gpa-Jim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-04-17]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
HKLM\SYSTEM\CurrentControlSet\Services\temrvlb <==== ATTENTION (Rootkit!)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2018-02-14] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-27] ()
S3 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-04-24] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
S2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.01\AsusFanControlService.exe [382776 2014-04-24] (ASUSTeK Computer Inc.)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [135824 2011-12-12] (Seiko Epson Corporation)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1162768 2018-02-08] (Garmin Ltd. or its subsidiaries)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2015-01-16] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2017-03-25] (Microsoft Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S3 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-07-30] (IObit)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [3894760 2017-06-07] (Paramount Software UK Ltd)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [154320 2018-04-14] (Malwarebytes Corporation)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S3 Media Center 23 Service; C:\Program Files (x86)\J River\Media Center 23\JRService.exe [402632 2017-09-21] (JRiver, Inc.) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [119864 2016-11-14] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [361816 2016-11-14] (Microsoft Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1706312 2015-01-16] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21833544 2015-01-16] (NVIDIA Corporation)
S3 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1733184 2017-09-07] (O&O Software GmbH)
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
S3 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
S3 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe [535784 2013-10-16] ()
R2 ScsiAccess; C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe [186760 2016-07-24] ()
S3 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
S3 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S3 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
R2 SecurityService; C:\Program Files (x86)\TotalAV\SecurityService.exe [4361168 2018-03-27] (TotalAV)
R2 TechSmith Uploader Service; C:\Program Files (x86)\Common Files\TechSmith Shared\Uploader\UploaderService.exe [3661096 2015-09-14] (TechSmith Corporation)
S3 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2015-06-25] (TuneUp Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S3 wpscloudsvr; C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\wpscloudsvr.exe [220288 2018-04-03] (Zhuhai Kingsoft Office Software Co.,Ltd)
S4 windowsmanagementservice; windowsmanagementservice [X] <==== ATTENTION
S2 WsAppService; no ImagePath
S2 WTabletServiceCon; no ImagePath
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AndnetBus; C:\Windows\System32\DRIVERS\lgandnetbus.sys [20992 2017-10-24] (LG Electronics Inc.)
S1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-27] ()
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [537080 2017-07-19] (Intel Corporation)
R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
R3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-15] (SlySoft, Inc.)
S3 EyeOneDisplay; C:\Windows\System32\Drivers\i1display_x64.sys [7808 2009-09-24] (GretagMacbeth LLC)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2018-02-26] (Glarysoft Ltd)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28008 2014-05-28] (Intel Corporation)
S3 IOMap; C:\Windows\system32\drivers\IOMap64.sys [24824 2014-04-24] (ASUSTeK Computer Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70000 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [181640 2016-02-06] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [227000 2016-02-06] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [940928 2016-02-06] (AO Kaspersky Lab)
S1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [39096 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [41144 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-02-06] (AO Kaspersky Lab)
R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [103096 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMWebProtection; C:\Windows\system32\drivers\mwac.sys [82720 2018-04-17] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [295000 2016-08-25] (Microsoft Corporation)
R1 MpKsl8cfbee72; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D13FCD31-2E2F-4C40-8824-71375915EE8B}\MpKsl8cfbee72.sys [58120 2018-04-17] (Microsoft Corporation)
R3 netr28ux; C:\Windows\System32\DRIVERS\netr28ux.sys [2246488 2016-05-12] (MediaTek Inc.)
R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [135928 2016-08-25] (Microsoft Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2015-01-16] (NVIDIA Corporation)
R0 oodisr; C:\Windows\System32\DRIVERS\oodisr.sys [116888 2015-09-29] (O&O Software GmbH)
R0 oodisrh; C:\Windows\System32\DRIVERS\oodisrh.sys [41112 2015-09-29] (O&O Software GmbH)
R0 oodivd; C:\Windows\System32\DRIVERS\oodivd.sys [255640 2015-09-29] (O&O Software GmbH)
R0 oodivdh; C:\Windows\System32\DRIVERS\oodivdh.sys [44696 2015-09-29] (O&O Software GmbH)
R0 PxHlpa64; C:\Windows\System32\drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
S3 Spyder4; C:\Windows\System32\DRIVERS\dccmtr.sys [15360 2011-06-02] (Datacolor)
S3 tapnord; C:\Windows\System32\DRIVERS\tapnord.sys [35376 2016-10-13] (The OpenVPN Project)
S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
R3 osvybf; system32\drivers\vybfil.sys [X]
S2 PDIHWCTL; \??\C:\Windows\system32\drivers\pdihwctl.sys [X]
========================== Drivers MD5 =======================
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\drivers\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys 0DC2A9882540DEA4A55B08785E09D8FC
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdk8.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\drivers\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\System32\DRIVERS\lgandnetbus.sys 34BBA51A066D55C948EDDAE065553CD1
C:\Windows\System32\DRIVERS\anodlwfx.sys 4CCF421E6C4B2A4CBCE000715911F7CC
C:\Windows\System32\Drivers\AnyDVD.sys C52568A5AF986C205F71649FCE37E764
C:\Windows\SysWOW64\Drivers\AnyDVD.sys C52568A5AF986C205F71649FCE37E764
C:\Windows\system32\drivers\appid.sys C16B5B379A2A79702CC5FF923EAAE3FD
C:\Windows\system32\drivers\arc.sys ==> MD5 is legit
C:\Windows\system32\drivers\arcsas.sys ==> MD5 is legit
C:\Windows\SysWow64\drivers\AsIO.sys 798DE15F187C1F013095BBBEB6FB6197
C:\Windows\System32\DRIVERS\asmthub3.sys 30284361A316A61306D3494953B72BF8
C:\Windows\System32\DRIVERS\asmtxhci.sys 7E75F23151F893E9B6620784994BFCE1
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\system32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\system32\drivers\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ABA3984C822E4D3F889699912D85D6C5
C:\Windows\system32\drivers\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\drivers\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\drivers\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdrom.sys ==> MD5 is legit
C:\Windows\system32\drivers\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys 3963FEC1892368DD500E6ED1F5C286CE
C:\Windows\system32\drivers\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cm_km.sys B2A6D2A30E93B6F215F74AC7E1733C9C
C:\Windows\System32\Drivers\cng.sys A98CED39AD91B445E2E442A9BD67E8B4
C:\Windows\system32\drivers\compbatt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\csc.sys ==> MD5 is legit
C:\Windows\System32\Drivers\dfsc.sys 9B38580063D281A99E68EF5813022A5F
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\drivers\disk.sys 616387BBD83372220B09DE95F4E67BBC
C:\Windows\system32\drivers\dmvsc.sys 5DB085A8A6600BE6401F2B24EECB5415
C:\Windows\system32\drivers\drmkaud.sys 26FE888505E5A945B0536AF9A2A27A6F
C:\Windows\System32\drivers\dxgkrnl.sys 5CEF80AE869336376F550ECAE91E424A
C:\Windows\System32\DRIVERS\e1d62x64.sys 5B575E34207D63CC1D3C0B08D11D594E
C:\Windows\system32\drivers\evbda.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ElbyCDFL.sys 9387A484D31209D7FC3F795A787294DB
C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys 9387A484D31209D7FC3F795A787294DB
C:\Windows\System32\Drivers\ElbyCDIO.sys BDD265EEB37DF5953A547FE412E2472F
C:\Windows\system32\drivers\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\Drivers\exfat.sys 7E45F8B117419ABA3BB26579F6E70324
C:\Windows\System32\Drivers\i1display_x64.sys A33E0921D0C256E348E0F6D66C77B7F7
C:\Windows\System32\Drivers\fastfat.sys 6EDFA237D25433C03F42FBFDB16BDD24
C:\Windows\system32\drivers\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\drivers\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\drivers\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\drivers\grmnusb.sys B9893A68032A6D9ADDB5B98287C630F7
C:\Windows\System32\drivers\GUBootStartup.sys C06C3D6C5A0805B314E3E940632C97CB
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\System32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\System32\DRIVERS\HDAudBus.sys ==> MD5 is legit
C:\Windows\system32\drivers\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidbth.sys ==> MD5 is legit
C:\Windows\system32\drivers\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\drivers\HTTP.sys CF5C9BD985120781200D35FD445D0BD5
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\drivers\iaStorA.sys 9EBE1AE8B3DA91D06BE1971EB37F7DA0
C:\Windows\System32\drivers\iaStorF.sys C018747131B4E90E9267BA5B31EB43A7
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\ICCWDT.sys C1010ADD3DDAE1196ED21057AF7B2AAE
C:\Windows\system32\drivers\iirsp.sys ==> MD5 is legit
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\IOMap64.sys EBBB161339CC7D5FFC0749EB6BE8A126
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\iusb3hcs.sys 45392E76EE30DC9C8F0181C785F0BA48
C:\Windows\System32\DRIVERS\iusb3hub.sys C6E8FB7FF41877378CCB30DE6E9941DF
C:\Windows\System32\DRIVERS\iusb3xhc.sys 6FBA980433B2B21604CE990FBF542D3F
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kl1.sys BEE1682DA217A4AD46C36896769AA580
C:\Windows\System32\DRIVERS\klbackupdisk.sys 86F40D79CE80ACBE6BEBAC8CE89D75A0
C:\Windows\System32\DRIVERS\klbackupflt.sys C80861511ADA03A65DC12FAA207592F8
C:\Windows\System32\DRIVERS\kldisk.sys 1557DF622127972EDB3DD3A61E7763CC
C:\Windows\System32\DRIVERS\klflt.sys DE7D2DEDE9C9D5219AA439172BA8D21C
C:\Windows\System32\DRIVERS\klhk.sys C62B714428FD30DD7B3115566C3F470B
C:\Windows\System32\DRIVERS\klif.sys DFF69C0DB50E1211E82541835448A1CE
C:\Windows\System32\DRIVERS\klim6.sys 3553584440A11136C899B67ACC8CBE9D
C:\Windows\System32\DRIVERS\klkbdflt.sys 22C4E9381C60DA78161FA042FDBA6873
C:\Windows\System32\DRIVERS\klmouflt.sys D792857D47B8DF5BFEC02534C1933BE2
C:\Windows\System32\DRIVERS\klpd.sys F610F5F17BC87D61EF8954CCD793BAE4
C:\Windows\System32\DRIVERS\kltdi.sys B36DEE2A91F9388C4D3ED744592DE81D
C:\Windows\System32\DRIVERS\klwtp.sys 2AA3537309C2B9A7F120FB9E6A38250A
C:\Windows\System32\DRIVERS\kneps.sys 1686DE8288052316EFDD49EEA8929065
C:\Windows\System32\Drivers\ksecdd.sys DFE85B031220F8E0271716BBB3C4C8FF
C:\Windows\System32\Drivers\ksecpkg.sys 70D7302DD70B979637179BFD8295C924
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\drivers\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys 5416CEB2916BBE635288C4D1075B045E
C:\Windows\System32\DRIVERS\lvrs64.sys A401CFF74982D8DF851F20307C806073
C:\Windows\System32\DRIVERS\lvuvc64.sys 13384CB5F5813E65F31078D6ABFAAF38
C:\Windows\system32\drivers\mwac.sys C56DD910B243D7DC9FA82505C2B668C1
C:\Windows\system32\drivers\megasas.sys ==> MD5 is legit
C:\Windows\system32\drivers\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\TeeDriverx64.sys 1BC9159CF58BABD89419072EA180A8F6
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys 072D8646E23ECF8A3F5F0157017B4DB6
C:\Windows\System32\DRIVERS\MpFilter.sys 3665AB2F67F4024F5F3F80335ED5322A
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{D13FCD31-2E2F-4C40-8824-71375915EE8B}\MpKsl8cfbee72.sys BF2513029E231BE96D82F7C3ABFF87F4
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 98DB1790F0A584E0A2528B92B052417F
C:\Windows\System32\DRIVERS\mrxsmb.sys 767C6DF04C5758B9F0790D400541B44F
C:\Windows\System32\DRIVERS\mrxsmb10.sys BD55F604FFABC911F8E5500186AE70E5
C:\Windows\System32\DRIVERS\mrxsmb20.sys 92EECFB046D4706A4B8D699A4069B6EC
C:\Windows\system32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\drivers\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys 9FB2A095B1166CB3C9A06651863B3452
C:\Windows\System32\drivers\ndis.sys F7309F42555F8AAB7144A51A1F2585B0
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys 734837208CAFD6E0959A7A0333C95C9D
C:\Windows\System32\DRIVERS\netr28ux.sys CB68123CCB9387317889E9C0D1235AF5
C:\Windows\system32\drivers\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys CE5F6E635FE4506AE6F2D6EB87425128
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys BE313E566EEA2A4B7F9AAC9782A567D4
C:\Windows\System32\Drivers\Ntfs.sys 1065D9AFE491706EB00AD3CBB76C9E54
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\drivers\nvhda64v.sys 7E4355930B28C2798D9F09AB9F81151F
C:\Windows\System32\DRIVERS\nvlddmkm.sys 3B99271224C43ADAB5A7F8D4B574AE3F
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys D92F4ED189C8207D0274B8B6BB494892
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\oodisr.sys ECA77AFDB770E6C79D9D91C6DFF113D8
C:\Windows\System32\DRIVERS\oodisrh.sys 1F79FA440FE7E20F1268F89AAF9038FD
C:\Windows\System32\DRIVERS\oodivd.sys C6DF3132668F85B1010491EF9D0A08BD
C:\Windows\System32\DRIVERS\oodivdh.sys 331F599BC75CF52DCAA214D654EAA224
C:\Windows\system32\drivers\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\system32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\drivers\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys EA4D67448BE493D543F1730D6CD04694
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\drivers\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\System32\drivers\PxHlpa64.sys 07D57B890DD5693A6AB660CBAE8F91B4
C:\Windows\system32\drivers\ql2300.sys ==> MD5 is legit
C:\Windows\system32\drivers\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys FB45727105E27756B3252572A138FA19
C:\Windows\System32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpdr.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys FE571E088C2D83619D2D48D4E961BF41
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\system32\drivers\vms3cap.sys ==> MD5 is legit
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\serenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\serial.sys ==> MD5 is legit
C:\Windows\system32\drivers\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\drivers\sfloppy.sys ==> MD5 is legit
C:\Windows\system32\drivers\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\drivers\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dccmtr.sys 1D437579B9E02829011BE00E482C63A0
C:\Windows\System32\DRIVERS\srv.sys 72E6A150A8C8530B201832D1C801CDE6
C:\Windows\System32\DRIVERS\srv2.sys C4F67ABCC5033D334613F28F9E782809
C:\Windows\System32\DRIVERS\srvnet.sys C53CB62B0E57488AAE41FDA0FF8A0AB9
C:\Windows\system32\drivers\stexstor.sys ==> MD5 is legit
C:\Windows\System32\drivers\vmstorfl.sys ==> MD5 is legit
C:\Windows\system32\drivers\storvsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tap0901.sys BB3F041ACE6FF23FD8F51B4CDDAB111B
C:\Windows\System32\DRIVERS\tapnord.sys E750955EF054A0D6A47B5A9155FC9666
C:\Windows\System32\drivers\tcpip.sys 7FB36A0A036ADDACE0A868E4A43C1C27
C:\Windows\System32\DRIVERS\tcpip.sys 7FB36A0A036ADDACE0A868E4A43C1C27
C:\Windows\System32\drivers\tcpipreg.sys 7FE5586314EE7D6AA8483264A089E5AF
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys 4DD986720F7CB7A8A5D1226793097B9A
C:\Windows\System32\DRIVERS\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 2CF58216424757ED29605B4F18EC443C
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\system32\drivers\TsUsbGD.sys AD64450A4ABE076F5CB34CC08EEACB07
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\drivers\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\System32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys 9E68E917FB4B5C983438969643F53BEF
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 3F9D3902CE931E2A28DD8452AE915B67
C:\Windows\System32\DRIVERS\usbhub.sys 86B65EEBC03B936DE8B26E5A18D98FA2
C:\Windows\system32\drivers\usbohci.sys 099C2931C6F73EB1B9E13C560F61B50D
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS D029DD09E22EB24318A8FC3D8138BA43
C:\Windows\system32\drivers\usbuhci.sys 5D7651347C7D702F4A5DE53603DC024F
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\system32\drivers\vmbus.sys ==> MD5 is legit
C:\Windows\system32\drivers\VMBusHID.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys 85C5468BC395819AE2A0C747334BA14C
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\drivers\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\system32\drivers\wd.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\System32\DRIVERS\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Three Months Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-18 13:40 - 2018-04-18 13:40 - 000047873 _____ C:\Users\Gpa-Jim\Desktop\FRST.txt
2018-04-18 11:07 - 2018-04-18 11:07 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Local\wmcagent
2018-04-18 10:09 - 2018-04-18 10:10 - 002403328 _____ (Farbar) C:\Users\Gpa-Jim\Desktop\FRST64(1).exe
2018-04-17 21:05 - 2018-04-16 10:49 - 000010752 _____ C:\Users\Gpa-Jim\AppData\Local\Pataki.exe
2018-04-17 20:46 - 2018-04-17 20:46 - 000000000 ____D C:\ProgramData\SecuritySuite
2018-04-17 20:45 - 2018-04-17 20:45 - 000000000 ____D C:\Users\Gpa-Jim\Documents\TotalAV
2018-04-17 20:44 - 2018-04-18 12:46 - 000000000 ____D C:\Program Files (x86)\TotalAV
2018-04-17 20:44 - 2018-04-17 20:45 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\TotalAV
2018-04-17 20:44 - 2018-04-17 20:44 - 000001016 _____ C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk
2018-04-17 20:44 - 2018-04-17 20:44 - 000000991 _____ C:\Users\Gpa-Jim\Desktop\TotalAV.lnk
2018-04-17 20:22 - 2018-04-17 20:22 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Local\ERW
2018-04-17 19:41 - 2018-04-17 19:41 - 000000017 _____ C:\Users\Gpa-Jim\AppData\Local\resmon.resmoncfg
2018-04-17 16:02 - 2018-04-17 16:02 - 000360680 _____ C:\Users\Gpa-Jim\AppData\Local\GDIPFONTCACHEV1.DAT
2018-04-17 15:58 - 2018-04-17 15:58 - 000142672 ____N C:\Windows\system32\Drivers\tibsvzcf.sys
2018-04-17 13:25 - 2018-04-17 13:30 - 005769544 _____ C:\Windows\system32\FNTCACHE.DAT
2018-04-17 10:39 - 2018-04-17 15:31 - 052517174 _____ C:\Windows\ntbtlog.txt
2018-04-16 22:08 - 2018-04-18 13:36 - 000000000 ____D C:\Users\Gpa-Jim\AppData\LocalLow\Mozilla
2018-04-16 21:56 - 2018-04-17 15:59 - 002888704 _____ (TOSHIBA CORPORATION) C:\Windows\system32\sbczmixsvc.exe
2018-04-16 21:06 - 2018-04-16 21:06 - 000000847 _____ C:\Users\Gpa-Jim\.recently-used.xbel
2018-04-16 19:44 - 2018-04-16 19:44 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Local\pwbvlxt
2018-04-16 13:50 - 2018-04-16 21:31 - 002888704 _____ C:\Windows\system32\xxxxxxxxx.exe
2018-04-16 13:47 - 2018-04-16 13:47 - 000360680 _____ C:\Windows\system32\GDIPFONTCACHEV1.DAT
2018-04-16 13:47 - 2018-04-16 13:47 - 000003936 _____ C:\Windows\System32\Tasks\geste medicated consistant
2018-04-16 13:47 - 2018-04-16 13:47 - 000003914 _____ C:\Windows\System32\Tasks\peasantry_atleast
2018-04-16 13:47 - 2018-04-16 13:47 - 000003912 _____ C:\Windows\System32\Tasks\gymnasts-macintosh
2018-04-16 13:47 - 2018-04-16 13:47 - 000003908 _____ C:\Windows\System32\Tasks\resumed pounce
2018-04-16 13:47 - 2018-04-16 13:47 - 000003892 _____ C:\Windows\System32\Tasks\trouble_warder
2018-04-16 13:47 - 2018-04-16 13:47 - 000003866 _____ C:\Windows\System32\Tasks\also
2018-04-16 13:47 - 2018-04-16 13:47 - 000003864 _____ C:\Windows\System32\Tasks\mulroy
2018-04-16 13:47 - 2018-04-16 13:47 - 000003782 _____ C:\Windows\System32\Tasks\gageste medicated consistantgeste medicated consistant
2018-04-16 13:47 - 2018-04-16 13:47 - 000003760 _____ C:\Windows\System32\Tasks\gapeasantry_atleastpeasantry_atleast
2018-04-16 13:47 - 2018-04-16 13:47 - 000003758 _____ C:\Windows\System32\Tasks\gagymnasts-macintoshgymnasts-macintosh
2018-04-16 13:47 - 2018-04-16 13:47 - 000003754 _____ C:\Windows\System32\Tasks\garesumed pounceresumed pounce
2018-04-16 13:47 - 2018-04-16 13:47 - 000003740 _____ C:\Windows\System32\Tasks\gatrouble_wardertrouble_warder
2018-04-16 13:47 - 2018-04-16 13:47 - 000003712 _____ C:\Windows\System32\Tasks\gamulroymulroy
2018-04-16 13:47 - 2018-04-16 13:47 - 000003712 _____ C:\Windows\System32\Tasks\gaalsoalso
2018-04-16 13:47 - 2018-04-16 13:47 - 000000012 _____ C:\Windows\b30168756
2018-04-16 13:46 - 2018-04-16 13:46 - 000000000 ____D C:\Windows\SysWOW64\avbsgdh
2018-04-16 13:46 - 2018-04-16 13:46 - 000000000 ____D C:\Windows\system32\avbsgdh
2018-04-16 13:46 - 2018-04-16 13:46 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\et
2018-04-16 13:46 - 2018-04-16 13:46 - 000000000 ____D C:\ProgramData\1523900800
2018-04-16 13:42 - 2018-04-16 13:42 - 000000388 _____ C:\Windows\ODBCINST.INI
2018-04-16 13:42 - 2018-04-16 13:42 - 000000000 ____D C:\ProgramData\Delivery Tech Corp
2018-04-16 10:49 - 2018-04-16 10:49 - 000010752 _____ C:\Windows\mannino.exe
2018-04-14 11:51 - 2018-04-14 11:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Earth Alerts
2018-04-14 11:51 - 2018-04-14 11:51 - 000000000 ____D C:\Program Files (x86)\Earth Alerts
2018-04-11 11:51 - 2018-03-14 13:14 - 000135360 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-11 11:51 - 2018-03-14 13:09 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-11 11:51 - 2018-03-14 09:05 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-11 11:51 - 2018-03-14 09:05 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-11 11:51 - 2018-03-14 09:05 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-11 11:51 - 2018-03-14 09:05 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-11 11:51 - 2018-03-14 09:05 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-11 11:51 - 2018-03-14 09:05 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-11 11:51 - 2018-03-14 09:05 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-11 11:51 - 2018-03-14 09:05 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2018-04-09 22:06 - 2018-04-09 22:06 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\DominiGames
2018-04-09 21:54 - 2018-04-16 21:13 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Labyrinths of the World - A Dangerous Game Collectors Edition
2018-04-09 15:56 - 2018-04-09 21:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ePub Reader
2018-04-09 15:56 - 2018-04-09 21:46 - 000000000 ____D C:\Program Files (x86)\ePub Reader for Windows
2018-04-04 21:23 - 2018-04-04 21:23 - 000003018 _____ C:\Windows\System32\Tasks\{C874408B-6E37-4DD3-A298-8462981DB1B3}
2018-04-04 21:23 - 2018-04-04 21:23 - 000003018 _____ C:\Windows\System32\Tasks\{2A0B6C41-F09A-46CA-A26F-0B715BA5447C}
2018-04-04 21:22 - 2018-04-04 21:22 - 000003018 _____ C:\Windows\System32\Tasks\{DA9B580C-C680-40C0-B58B-0C574EA050C0}
2018-04-03 14:24 - 2018-04-03 14:24 - 000001061 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk
2018-04-03 14:12 - 2018-04-03 14:12 - 000001040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2018-04-03 11:25 - 2018-04-03 11:25 - 000004198 _____ C:\Windows\System32\Tasks\WpsExternal_Gpa-Jim_20180403112517
2018-04-03 11:25 - 2018-04-03 11:25 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office
2018-04-01 15:07 - 2018-03-31 11:20 - 1430171968 _____ C:\Users\Gpa-Jim\Desktop\MVI_3974.MOV
2018-03-18 00:49 - 2018-03-18 00:49 - 000000967 _____ C:\Users\Gpa-Jim\Desktop\Speedtest.lnk
2018-03-18 00:48 - 2018-03-18 00:48 - 000000000 ____D C:\Users\Gpa-Jim\AppData\LocalLow\Ookla
2018-03-18 00:48 - 2018-03-18 00:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedtest By Ookla
2018-03-18 00:48 - 2018-03-18 00:48 - 000000000 ____D C:\Program Files (x86)\Speedtest
2018-03-14 13:38 - 2018-03-14 13:44 - 000000000 ____D C:\Users\Gpa-Jim\HDR Projects 5 Pro
2018-03-14 13:37 - 2018-03-14 13:38 - 000000000 ____D C:\Users\Gpa-Jim\Neat Projects Pro
2018-03-14 13:36 - 2018-03-21 22:47 - 000000000 ____D C:\Users\Gpa-Jim\Sharpen Projects standard
2018-03-14 13:33 - 2018-03-14 13:38 - 000000000 ____D C:\Users\Gpa-Jim\Projects Series
2018-03-14 13:33 - 2018-03-14 13:35 - 000000000 ____D C:\Users\Gpa-Jim\DeNoise Projects 2 Pro
2018-03-14 13:32 - 2018-03-14 13:32 - 000000000 ____D C:\Program Files\Photographer's Projects Collection 2018
2018-03-14 13:31 - 2018-03-14 13:31 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\FRANZIS PROJECTS SOFTWARE
2018-03-13 17:06 - 2018-04-10 16:19 - 000004470 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-03-10 23:38 - 2018-03-10 23:38 - 000002896 _____ C:\Windows\System32\Tasks\{7EA8615A-15A6-486F-9D09-CACFC7F5F0FA}
2018-03-10 23:37 - 2018-03-10 23:37 - 000002896 _____ C:\Windows\System32\Tasks\{047C46A9-DC95-4E9A-984D-9FA39F0C8760}
2018-03-10 23:37 - 2018-03-10 23:37 - 000002896 _____ C:\Windows\System32\Tasks\{00AA8307-4F08-4DA7-B089-98EDCE42DBC0}
2018-03-10 23:36 - 2018-03-10 23:36 - 000002896 _____ C:\Windows\System32\Tasks\{BBC0BE64-B8A9-4CBC-A739-935F0AB691ED}
2018-03-10 23:36 - 2018-03-10 23:36 - 000002896 _____ C:\Windows\System32\Tasks\{321375EC-67AD-41BA-9163-9672916C8138}
2018-03-10 23:33 - 2018-03-10 23:33 - 000002896 _____ C:\Windows\System32\Tasks\{2C602AC4-E69A-4DD2-8BF5-A9AAA8517EAD}
2018-03-08 22:03 - 2018-03-08 22:03 - 000000016 _____ C:\ProgramData\mntemp
2018-03-08 16:26 - 2018-03-08 16:27 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\FolderColorize
2018-03-02 17:21 - 2018-03-03 12:27 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\Dashlane
2018-03-02 17:21 - 2018-03-02 17:21 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Local\Packages
2018-03-02 17:20 - 2018-03-07 22:08 - 000000020 _____ C:\TOSTACK
2018-03-02 11:34 - 2018-03-02 11:34 - 000000000 ____D C:\ProgramData\GlarySoft
2018-02-28 15:58 - 2018-02-28 15:58 - 000000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup-Disabled
2018-02-28 15:54 - 2018-02-28 15:55 - 406318820 _____ C:\Users\Gpa-Jim\Documents\Glary register backup.reg
2018-02-26 17:21 - 2018-02-26 17:21 - 000000000 ____D C:\ProgramData\UniqueId
2018-02-26 17:15 - 2018-02-26 17:15 - 000000355 _____ C:\Users\Gpa-Jim\Desktop\Computer - Shortcut.lnk
2018-02-26 14:59 - 2018-02-26 14:59 - 000003612 _____ C:\Windows\System32\Tasks\GlaryUpdate 5
2018-02-26 14:57 - 2018-02-26 15:09 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2018-02-26 14:57 - 2018-02-26 14:57 - 000020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2018-02-26 14:57 - 2018-02-26 14:57 - 000003320 _____ C:\Windows\System32\Tasks\GlaryInitialize 5
2018-02-26 14:57 - 2018-02-26 14:57 - 000001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2018-02-26 14:57 - 2018-02-26 14:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2018-02-26 14:39 - 2018-02-26 14:42 - 000000000 ____D C:\Windows\system32\config\RC Backup
2018-02-21 19:22 - 2018-02-21 19:22 - 000000000 ____D C:\Program Files\VueScan
2018-02-21 17:16 - 2018-02-21 19:22 - 000000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk
2018-02-18 17:42 - 2018-02-18 17:42 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2018-02-18 17:42 - 2018-02-18 17:42 - 000001209 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2018-02-18 16:56 - 2018-02-18 16:56 - 000000000 ____D C:\Users\Gpa-Jim\Documents\OO Software
2018-02-18 16:56 - 2018-02-18 16:56 - 000000000 ____D C:\Users\Gpa-Jim\Documents\O&O
2018-02-14 12:04 - 2018-02-14 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-02-13 23:38 - 2018-02-13 23:50 - 000203776 _____ C:\Users\Gpa-Jim\Documents\Date Night Coupon.PSProj
2018-02-13 23:30 - 2018-02-13 23:33 - 003714048 _____ C:\Users\Gpa-Jim\Documents\Dinner for Two Home Coupon.PSProj
2018-02-06 23:00 - 2018-02-06 23:00 - 000002930 _____ C:\Windows\System32\Tasks\{CE4C1F39-4F69-409B-8D42-D5DB5BD14E7C}
2018-02-03 22:52 - 2018-02-03 22:52 - 000003466 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-Gpa-Jim-PC-Gpa-Jim
2018-02-02 23:03 - 2018-02-02 23:03 - 000000000 ____D C:\Users\Gpa-Jim\Downloads\Video
2018-02-02 23:03 - 2018-02-02 23:03 - 000000000 ____D C:\Users\Gpa-Jim\Downloads\Compressed
2018-01-21 23:09 - 2018-01-21 23:44 - 000000000 ____D C:\Users\Gpa-Jim\Desktop\pics
==================== Three Months Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-04-18 13:40 - 2016-02-09 14:51 - 000000000 ____D C:\FRST
2018-04-18 13:40 - 2009-07-13 22:34 - 021233664 _____ C:\Windows\system32\config\HARDWARE
2018-04-18 10:25 - 2015-01-10 17:47 - 000000000 ___RD C:\downloadsOLD
2018-04-18 03:37 - 2009-07-14 00:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-18 03:37 - 2009-07-14 00:45 - 000021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-18 02:00 - 2015-01-11 21:43 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Local\Adobe
2018-04-17 19:44 - 2015-10-31 14:35 - 000000000 ____D C:\Windows\pss
2018-04-17 19:33 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\registration
2018-04-17 16:10 - 2009-07-14 01:13 - 000868880 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-17 16:10 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2018-04-17 16:08 - 2017-04-20 21:39 - 000111544 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2018-04-17 16:08 - 2017-04-20 21:39 - 000082720 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2018-04-17 16:07 - 2017-04-20 21:39 - 000043968 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2018-04-17 16:07 - 2017-04-19 21:19 - 000251832 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2018-04-17 16:05 - 2017-06-06 20:31 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\Earth Alerts
2018-04-17 16:02 - 2015-01-10 04:00 - 000000000 ____D C:\Temp
2018-04-17 16:01 - 2017-04-17 22:33 - 000000000 ____D C:\ProgramData\NVIDIA
2018-04-17 16:01 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-17 13:38 - 2017-04-17 22:35 - 000000000 ____D C:\Users\Gpa-Jim
2018-04-17 13:32 - 2017-10-09 17:50 - 000000000 ____D C:\ProgramData\OO DiskStat
2018-04-17 11:36 - 2009-07-13 23:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-04-17 11:01 - 2017-07-04 00:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-04-17 11:01 - 2015-01-11 20:34 - 000000000 ____D C:\Printing Jobs
2018-04-17 10:53 - 2017-05-03 14:38 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\icofx3
2018-04-17 10:53 - 2016-12-09 12:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2018-04-17 10:35 - 2017-04-20 21:39 - 000186304 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMChameleon.sys
2018-04-16 22:08 - 2017-01-21 18:15 - 000000000 ___RD C:\Users\Gpa-Jim\Creative Cloud Files
2018-04-16 22:08 - 2016-09-10 16:39 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2018-04-16 21:17 - 2015-04-14 20:47 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2018-04-16 21:13 - 2018-01-14 00:51 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale 2 - Rise of the King Collectors Edition
2018-04-16 21:13 - 2017-04-18 02:28 - 000000000 ____D C:\Windows\Panther
2018-04-16 20:41 - 2015-01-11 21:46 - 000000000 ____D C:\ProgramData\TEMP
2018-04-16 19:51 - 2016-08-18 13:43 - 000000000 ____D C:\Program Files (x86)\Restore Point Creator
2018-04-16 17:58 - 2016-09-10 16:39 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2018-04-16 13:47 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\system32\NDF
2018-04-16 13:42 - 2015-01-11 20:42 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-04-14 16:43 - 2015-03-13 16:08 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\SolSuite
2018-04-11 17:34 - 2017-04-19 14:25 - 000000000 ____D C:\Windows\system32\appraiser
2018-04-11 17:30 - 2015-01-11 15:13 - 000000000 ____D C:\Windows\system32\MRT
2018-04-11 17:26 - 2017-10-12 03:01 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-04-11 17:25 - 2017-04-18 23:22 - 136971704 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-04-10 16:19 - 2017-02-28 11:21 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-04-10 16:19 - 2015-01-11 21:44 - 000804864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-04-10 16:19 - 2015-01-11 21:44 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-04-10 16:19 - 2015-01-11 21:44 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-04-10 16:19 - 2015-01-11 21:44 - 000000000 ____D C:\Windows\system32\Macromed
2018-04-09 22:44 - 2015-02-08 03:45 - 000000000 ___RD C:\Users\Gpa-Jim\Desktop\GAMES
2018-04-09 21:51 - 2015-02-05 18:11 - 000000000 ____D C:\games
2018-04-07 16:10 - 2015-01-11 16:25 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-04-03 17:44 - 2015-01-19 01:49 - 000000000 ___RD C:\Users\Gpa-Jim\Desktop\ADOBE
2018-04-03 14:24 - 2017-01-21 18:25 - 000000000 ____D C:\Program Files\Adobe
2018-04-03 14:12 - 2016-07-28 22:41 - 000000000 ____D C:\Users\Gpa-Jim\Documents\Adobe
2018-04-03 14:12 - 2015-01-12 03:17 - 000000000 ____D C:\ProgramData\Adobe
2018-04-03 14:12 - 2015-01-11 15:04 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Roaming\Adobe
2018-04-03 11:25 - 2017-04-18 23:04 - 000003950 _____ C:\Windows\System32\Tasks\WpsUpdateTask_Gpa-Jim
2018-04-02 16:54 - 2015-01-26 15:47 - 000000000 ____D C:\Users\Gpa-Jim\AppData\Local\Nero
2018-03-31 22:44 - 2015-02-26 23:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-03-31 22:44 - 2009-07-14 01:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-03-21 21:19 - 2016-10-16 17:49 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-20 21:42 - 2017-04-23 10:45 - 000000000 ____D C:\Users\DefaultAppPool
2018-03-20 20:32 - 2017-07-27 14:18 - 000003180 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3207529590-585244797-2999148210-1000
2018-03-20 20:32 - 2017-05-18 19:20 - 000000000 ___RD C:\Users\Gpa-Jim\Desktop\OneDrive
2018-03-20 20:32 - 2017-05-18 19:10 - 000002164 _____ C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
==================== Files in the root of some directories =======
2016-12-12 21:41 - 2016-12-12 21:41 - 000000020 ___SH () C:\Users\Gpa-Jim\AppData\Roaming\1816CA7466166.ind
2015-03-13 13:28 - 2015-05-14 23:52 - 000003284 _____ () C:\Users\Gpa-Jim\AppData\Roaming\ANIWZCS{F5C62263-7257-490B-882D-AC8310E18FB3}
2015-04-18 21:36 - 2015-04-18 21:39 - 000000672 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Contact Sheet II.xml
2015-04-18 21:36 - 2015-04-18 21:39 - 000008513 _____ () C:\Users\Gpa-Jim\AppData\Roaming\ContactSheetII.log
2015-01-14 16:19 - 2015-01-14 16:19 - 000000005 _____ () C:\Users\Gpa-Jim\AppData\Roaming\mgrtrin.sys
2016-12-12 21:41 - 2016-12-12 21:41 - 000000020 ___SH () C:\Users\Gpa-Jim\AppData\Roaming\Programs8187ConfigDB.dat
2015-03-11 23:10 - 2015-03-11 23:10 - 000000020 ___SH () C:\Users\Gpa-Jim\AppData\Roaming\Sys11965 DataCollection.dat
2015-03-11 23:10 - 2015-03-11 23:10 - 000000020 ___SH () C:\Users\Gpa-Jim\AppData\Roaming\System413_DataDB.ind
2015-01-11 16:17 - 2015-01-11 16:17 - 000000024 ___SH () C:\Users\Gpa-Jim\AppData\Roaming\System5908ConfigCollection.dat
2013-04-19 18:00 - 2013-04-19 18:00 - 002044024 _____ (Resplendence Software Projects Sp. ) C:\Users\Gpa-Jim\AppData\Roaming\WhoCrashed.Pro.v4.01.exe
2015-12-05 17:17 - 2016-05-29 12:53 - 000000003 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\AK.ft
2018-04-17 21:05 - 2018-04-16 10:49 - 000010752 _____ () C:\Users\Gpa-Jim\AppData\Local\Pataki.exe
2018-04-17 19:41 - 2018-04-17 19:41 - 000000017 _____ () C:\Users\Gpa-Jim\AppData\Local\resmon.resmoncfg
2017-04-23 00:19 - 2017-07-25 11:11 - 000000175 _____ () C:\Users\Gpa-Jim\AppData\Local\vbnum6.cfg
2017-04-23 00:19 - 2017-07-25 11:11 - 000000197 _____ () C:\Users\Gpa-Jim\AppData\Local\vbnum6.num
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\tibsvzcf.sys -> Access Denied <======= ATTENTION
==================== BCD ================================
Windows Boot Manager
--------------------
identifier {bootmgr}
device partition=C:
description Windows Boot Manager
locale en-US
inherit {globalsettings}
default {current}
resumeobject {a3d5fc62-68d1-11e6-ad09-db7d921539ce}
displayorder {current}
toolsdisplayorder {memdiag}
timeout 30
Windows Boot Loader
-------------------
identifier {current}
device partition=C:
path \Windows\system32\winload.exe
description Windows 7
locale en-US
inherit {bootloadersettings}
osdevice partition=C:
systemroot \Windows
resumeobject {a3d5fc62-68d1-11e6-ad09-db7d921539ce}
nx OptIn
Resume from Hibernate
---------------------
identifier {a3d5fc62-68d1-11e6-ad09-db7d921539ce}
device partition=C:
path \Windows\system32\winresume.exe
description Windows Resume Application
locale en-US
inherit {resumeloadersettings}
filedevice partition=C:
filepath \hiberfil.sys
debugoptionenabled No
Windows Memory Tester
---------------------
identifier {memdiag}
device partition=C:
path \boot\memtest.exe
description Windows Memory Diagnostic
locale en-US
inherit {globalsettings}
badmemoryaccess Yes
Windows Legacy OS Loader
------------------------
identifier {ntldr}
device partition=C:
path \ntldr
description Earlier Version of Windows
EMS Settings
------------
identifier {emssettings}
bootems Yes
Debugger Settings
-----------------
identifier {dbgsettings}
debugtype Serial
debugport 1
baudrate 115200
RAM Defects
-----------
identifier {badmemory}
Global Settings
---------------
identifier {globalsettings}
inherit {dbgsettings}
{emssettings}
{badmemory}
Boot Loader Settings
--------------------
identifier {bootloadersettings}
inherit {globalsettings}
{hypervisorsettings}
Hypervisor Settings
-------------------
identifier {hypervisorsettings}
hypervisordebugtype Serial
hypervisordebugport 1
hypervisorbaudrate 115200
Resume Loader Settings
----------------------
identifier {resumeloadersettings}
inherit {globalsettings}
LastRegBack: 2018-04-18 04:17
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2018
Ran by Gpa-Jim (18-04-2018 13:41:02)
Running from C:\Users\Gpa-Jim\Desktop
Windows 7 Professional Service Pack 1 (X64) (2017-04-18 13:59:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3207529590-585244797-2999148210-500 - Administrator - Disabled)
Gpa-Jim (S-1-5-21-3207529590-585244797-2999148210-1000 - Administrator - Enabled) => C:\Users\Gpa-Jim
Guest (S-1-5-21-3207529590-585244797-2999148210-501 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Total AV (Disabled - Up to date) {AC3490DF-B2AE-610F-9290-A5E6E0CD5323}
AS: Total AV (Disabled - Up to date) {1755713B-9494-6E81-A820-9E949B4A199E}
AS: Microsoft Security Essentials (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACDSee Video Converter Pro 5 (HKLM-x32\...\ACDSee_acdVCPro5) (Version: 5.0.0.799 - ACD Systems International Inc.)
Acoustica CD/DVD Label Maker (HKLM-x32\...\Acoustica CD/DVD Label Maker) (Version: - )
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.023.20056 - Adobe Systems Incorporated)
Adobe Bridge CC (64 Bit) (HKLM-x32\...\{359F8007-6486-429C-A8C5-D67F6897C88C}) (Version: - Adobe Systems Incorporated)
Adobe Bridge CC 2018 (HKLM-x32\...\KBRG_8_0_1) (Version: 8.0.1 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.4.1.298 - Adobe Systems Incorporated)
Adobe Flash Player 29 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.140 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Lightroom Classic CC (HKLM-x32\...\LTRM_7_3) (Version: 7.3 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_1_3) (Version: 19.1.3 - Adobe Systems Incorporated)
Adobe Touch App Plugins (HKLM-x32\...\{1EC083EE-5B76-4A2A-B95A-CAF460AA29D6}) (Version: 1.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 8.0 - PainteR)
Affinity Photo (HKLM\...\{CBBDEFC9-7345-4077-93AC-905ACF632981}) (Version: 1.6.1.93 - Serif (Europe) Ltd)
Aiseesoft Video Converter Ultimate 9.2.30 (HKLM-x32\...\{BD446D04-7426-4a27-9B0B-33B0C386F71B}_is1) (Version: 9.2.30 - Aiseesoft Studio)
AKVIS Neon (HKLM\...\{D66F9CF3-5FC8-453F-B7A3-78780E6A3423}) (Version: 2.5.370.14175 - AKVIS)
AKVIS Neon 2.5 Activation version 2.5 (HKLM-x32\...\{9AEADEED-CB8E-4959-B7E6-955BDCF2A5CC}_is1) (Version: 2.5 - SamuRa1)
AKVIS Refocus (HKLM\...\{C6059B1A-E091-4B1D-8040-64DB2F932FFB}) (Version: 6.5.574.14314 - AKVIS)
Alien Skin Blow Up 3 (HKLM\...\Alien Skin Blow Up 3) (Version: - Alien Skin)
Alien Skin Bokeh 2 (HKLM\...\Alien Skin Bokeh 2) (Version: - Alien Skin)
Alien Skin Eye Candy 7 (HKLM\...\Alien Skin Eye Candy 7) (Version: - Alien Skin)
Alien Skin Snap Art 4 (HKLM\...\Alien Skin Snap Art 4) (Version: - Alien Skin)
Angry Birds Star Wars II (HKLM-x32\...\{F2901A5D-DB84-4E40-AD63-F8DFB239DD86}) (Version: 1.5.1 - Rovio Entertainment Ltd.)
ANIWZCS2 Service (HKLM-x32\...\{4C590030-7469-453E-8589-D15DA9D03F52}) (Version: - )
ANT Drivers Installer x64 (HKLM\...\{00EC0123-5EC2-4D75-830C-EF11667E74E8}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.9.5 - RedFox)
Around the World in 80 Levels (HKLM-x32\...\{1D296966-4DD2-4E45-A2E3-C2966D55B0B5}) (Version: 1.0.0.1 - LeeGT-Games)
Art Explosion Calendar Maker version 2.0.0.1 (HKLM-x32\...\{C7331C9C-BBA1-4D09-AF95-90B33DD19FDA}_is1) (Version: 2.0.0.1 - Nova Development)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.15.0 - Asmedia Technology)
Astrology (HKLM-x32\...\VASTRO) (Version: 2.4.10 - VeBest)
ASUS GPU Tweak (HKLM-x32\...\{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.) Hidden
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.6.8.3 - ASUSTek COMPUTER INC.)
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.025 - ASUSTek Computer Inc.)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Aurora HDR 2018 (HKLM\...\{8C3C5604-B034-4073-BBF8-4BB4B6136D4D}) (Version: 1.1.1.941 - Skylum) Hidden
Aurora HDR 2018 (HKLM-x32\...\{9f0998ab-75e3-4c8e-afa3-aa6b82f24cfc}) (Version: 1.1.1.941 - Skylum)
Bejeweled 3 (HKLM-x32\...\Bejeweled 31.0) (Version: 1.0 - AllSmartGames)
Bejeweled Blitz (HKLM-x32\...\{22BA5519-3320-4E67-A45A-7F0B80E6E0EA}) (Version: 1.0.9.7400 - LeeGT-Games)
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Big Kahuna Reef 3 - The Lost Talismans (HKLM-x32\...\Big Kahuna Reef 3 - The Lost Talismans) (Version: 3.1.0.2 - LeeGT-Games)
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
BluffTitler (HKLM-x32\...\BluffTitler) (Version: - Outerspace Software)
Bonus Pack 2016 (HKLM-x32\...\{A88F4B3C-EFB4-49C7-B34E-6054C467D325}) (Version: 1.0.0.1 - Creative Home)
Bonus Pack 2017 (HKLM-x32\...\{CD9E90C5-8567-4CB3-AF48-0016A85FAD28}) (Version: 1.0.0.7 - Creative Home)
Bonus Pack 2018 (HKLM-x32\...\{4E03CE4B-8698-41F9-97F8-E51BAD95A313}) (Version: 1.0.0.8 - Creative Home)
BrainWave Generator (HKLM-x32\...\BrainWave Generator) (Version: - )
Business Card Studio (HKLM-x32\...\{26413EE3-C4B2-4A06-8225-72649315337D}) (Version: 5.0.2 - Summitsoft)
calibre 64bit (HKLM\...\{35E6D951-3B09-4FF3-BE67-EAEC919ADCCF}) (Version: 2.77.0 - Kovid Goyal)
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Capture One 9.0 (HKLM\...\CaptureOne9_is1) (Version: 9.0.1.13 - Phase One A/S)
CCleaner (HKLM\...\CCleaner) (Version: 5.27 - Piriform)
Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition (HKLM-x32\...\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition) (Version: 1.0.0 - LeeGT-Games)
Chicken Invaders 5: Cluck of the Dark Side (HKLM-x32\...\BFG-Chicken Invaders 5 - Cluck of the Dark Side) (Version: - )
CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: 2.9.3.0 - Elaborate Bytes)
Collage Generator 1.36 (HKLM-x32\...\{6186E9FB-50EF-4913-9163-0DD85EF9BDA2}_is1) (Version: - AMS Software)
Corel Painter 2016 - Content (HKLM\...\{728D4551-DB51-4D3F-8123-AED69C3F5A57}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - Core (HKLM\...\{D169FC15-DF51-42F5-9C28-B6CFB2218872}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - Corex64 (HKLM\...\{06CAD9DA-8C4F-4C53-ADEC-D37CF0E569B5}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - CT (HKLM\...\{0C0D56B0-429B-4011-BF66-FC2628AA22EF}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - DE (HKLM\...\{7582B55A-4F1F-4727-9EEA-181111E74510}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - EN (HKLM\...\{167574A7-D8B6-4F00-BCE9-CEAA82DC3AC1}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - FR (HKLM\...\{4C381455-7ACC-4DF1-9312-A0B7C859A018}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 - IPM (HKLM\...\{84539480-78E2-4EBD-ADE4-298C908605A1}) (Version: 15.1 - Corel Corporation) Hidden
Corel Painter 2016 - IPM Content (HKLM\...\{D8090580-DACC-4687-A637-B97BA5505F89}) (Version: 15.0 - Corel Corporation) Hidden
Corel Painter 2016 - JP (HKLM\...\{84CEC8DC-D6FD-445F-8867-F9603B51B97A}) (Version: 15.1.5 - Corel Corporation) Hidden
Corel Painter 2016 (HKLM\...\_{D67BA419-F1DE-42C2-A319-DE5F15A05333}) (Version: 15.1.0.740 - Corel Corporation)
Corel Update Manager (HKLM\...\{1E7AD2D2-EDD9-4334-992D-7F7ED9769217}) (Version: 2.7.355 - Corel corporation) Hidden
Corsair Utility Engine (HKLM-x32\...\{D1A3ECB3-18F1-4EB2-9C1B-A83DE1D16976}) (Version: 2.10.71 - Corsair)
Cosmic Bugs (HKLM-x32\...\Cosmic Bugs1.0) (Version: 1.0 - www.rapidfrnds.com)
CPUID ASUS CPU-Z 1.69 (HKLM\...\CPUID ASUS CPU-Z_is1) (Version: 1.69 - CPUID, Inc.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Dazzle Video Capture DVC100 X64 Driver 1.06 (HKLM-x32\...\{BFF23267-1D19-444E-93E2-E5059BE805EA}) (Version: 1.06.0000 - Pinnacle) Hidden
Desktop Toilet (HKLM-x32\...\Desktop Toilet5.0) (Version: 5.0 - MicroSECONDS Computer Consulting)
D-Link RangeBooster N DWA-140 (HKLM-x32\...\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}) (Version: - D-Link)
Doors (HKLM\...\ZG9vcnM_is1) (Version: 1 - )
Earth Alerts (HKLM-x32\...\{F9F3B08B-C6BF-4DE8-97EA-08EE76EEA6ED}) (Version: 18.1.10 - South Wind Technologies)
Easy Photo Scan (HKLM-x32\...\{04A3C7AC-C350-46FA-8F72-C4E3F6B50D07}) (Version: 1.00.0004 - Seiko Epson Corporation)
Edge of Reality Ring of Destiny Collectors Edition 1.00 (HKLM-x32\...\Edge of Reality Ring of Destiny Collectors Edition 1.00) (Version: 1.00 - Games)
Elevated Installer (HKLM-x32\...\{9AB7E852-655C-4BDE-9042-1D3E6807C85A}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Elf Bowling The Last Insult (HKLM-x32\...\Elf Bowling The Last Insult_is1) (Version: - )
Epson Copy Utility 4 (HKLM-x32\...\{B835ADF3-3807-4B06-8E23-3B84AD67C4D7}) (Version: 4.01.0000 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{747C2710-1D8F-46DD-ADF0-6EE0D980F13C}) (Version: 3.10.0039 - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.00.00 - SEIKO EPSON CORPORATION)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version: - SEIKO EPSON Corporation)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
ePub Reader for Windows version 5.4 (HKLM-x32\...\{BFBA7F3A-1F10-4754-ADEC-A8CFBB4F925B}_is1) (Version: 5.4 - HANSoft, Inc.)
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FaceFilter v3.02 SE (HKLM-x32\...\{6020758E-57A9-41E3-AF20-8EE311EA6156}) (Version: 3.02.2713.1 - Reallusion Inc.)
Feist (HKLM-x32\...\{07C26A54-BC65-4214-94AD-0213A4284EF9}_is1) (Version: 1.0 - Finji)
FontTwister 1.3 (HKLM-x32\...\FontTwister) (Version: 1.3 - Neuber GmbH)
Frankenstein - The Village (HKLM-x32\...\Frankenstein - The Village) (Version: 1.0.0 - LeeGT-Games)
Free Alarm Clock (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 4.0.1.0 - Comfort Software Group)
Garmin Express (HKLM-x32\...\{E695D74A-9567-46DA-A4EE-0E191F21194B}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{fb1ff7db-c0d2-43c4-99bf-5b2fa4f9ca0b}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{7C8FDEF1-F311-459C-B3CC-EEF73C721BFD}) (Version: 6.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Gnaural ver. 1.0.20110606 (HKLM-x32\...\Gnaural_is1) (Version: - Bret Logan)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Drive (HKLM-x32\...\{9BC95947-92FD-438B-A168-C01F9A5B7292}) (Version: 2.34.7529.6838 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{18455581-E099-4BA8-BC6B-F34B2F06600C}) (Version: 1.0.0 - Google Inc.) Hidden
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.8231.2252 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPUTweakStreaming (HKLM-x32\...\{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS) Hidden
GPUTweakStreaming (HKLM-x32\...\InstallShield_{D2A41AA7-4313-43D5-AA39-7E3FBBE0556D}) (Version: 1.0.3.5 - ASUS)
Hallmark Card Studio 2015 Bonus Pack (HKLM-x32\...\{2C69ABC9-55B7-410E-89AB-4CBD84D8D37B}) (Version: 1.0.0.1 - Creative Home)
Hallmark Card Studio 2015 Deluxe (HKLM-x32\...\{F2117332-1A36-4D3B-854D-A8D10735B4DF}) (Version: 16.0.0.11 - Creative Home)
Hallmark Card Studio 2016 Deluxe (HKLM-x32\...\{8B89C389-8C13-4A95-BA2D-87DC5FFB620C}) (Version: 17.0.1.1 - Creative Home)
Hallmark Card Studio 2017 Deluxe (HKLM-x32\...\{EA4F7D75-C9E5-4349-AA68-ABF0FEEA90EF}) (Version: 18.0.0.14 - Creative Home)
Hallmark Card Studio 2018 Deluxe (HKLM-x32\...\{6A5E49ED-49CD-470D-BF5F-44CF84B54C35}) (Version: 19.0.1.1 - Creative Home)
Heavy Weapon (HKLM-x32\...\Heavy Weapon) (Version: - iWin.com)
Helicon Focus (HKLM\...\Helicon Focus 6_is1) (Version: - Helicon Soft Ltd.)
Helicon Remote 3.8.4.0 (HKLM-x32\...\HeliconRemote_is1) (Version: 3.8.4.0 - Helicon Soft Ltd.)
Hidden Expedition - The Fountain of Youth Collectors Edition (HKLM-x32\...\Hidden Expedition - The Fountain of Youth Collectors Edition) (Version: 1.0.0 - LeeGT-Games)
Home Photo Studio 7.0 (HKLM-x32\...\{8D4B3DEB-2E18-4B7F-9CCB-4816A55F4D87}_is1) (Version: - AMS Software)
i1_driver_installer_utility_i1Match version 1.0 (HKLM-x32\...\i1_driver_installer_utility_i1Match_is1) (Version: - X-Rite)
icofx 3.0.3 (HKLM-x32\...\icofx 3_is1) (Version: 3.0.3 - IcoFX Software S.R.L.)
IconHandler 64 bit (HKLM\...\{4E82E2E9-668B-4F8A-814A-78E163FCDBCD}) (Version: 2.0 - Corel Corporation) Hidden
Intel® Chipset Device Software (HKLM-x32\...\{4a87bd28-a855-4a8d-b133-60ca8ccffd30}) (Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Network Connections 19.1.51.0 (HKLM\...\PROSetDX) (Version: 19.1.51.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
IPM_Common_x64 (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.7.355 - Your Company Name) Hidden
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Jewel Match - Winter Wonderland (HKLM-x32\...\Jewel Match - Winter Wonderland) (Version: 1.0.0 - LeeGT-Games)
Jewel Match (HKLM-x32\...\Jewel Match) (Version: 1.4.0 - LeeGT-Games)
Jewel Match 2 Reloaded (HKLM-x32\...\Jewel Match 2 Reloaded) (Version: 1.0.0 - LeeGT-Games)
Jewel Match 4 (HKLM-x32\...\Jewel Match 4) (Version: 1.1.0 - LeeGT-Games)
Jewel Match Royale 2 - Rise of the King Collectors Edition (HKLM-x32\...\Jewel Match Royale 2 - Rise of the King Collectors Edition) (Version: 1.0.0 - LeeGT-Games)
Jewel Match Royale Collectors Edition (HKLM-x32\...\Jewel Match Royale Collectors Edition) (Version: 1.0.0 - LeeGT-Games)
Jewel Match Snowscapes (HKLM-x32\...\Jewel Match Snowscapes1.0) (Version: 1.0 - Your Company)
Jewel Quest - Seven Seas Collectors Edition (HKLM-x32\...\Jewel Quest - Seven Seas Collectors Edition) (Version: 1.0.0 - LeeGT-Games)
JRiver Media Center 23 (HKLM-x32\...\Media Center 23) (Version: 23 - JRiver, Inc.)
jv16 PowerTools 2014 (HKLM-x32\...\jv16 PowerTools 2014) (Version: - Macecraft Software)
jv16 PowerTools 2017 (HKLM-x32\...\jv16 PowerTools 2017) (Version: 4.1.0.1631 - Macecraft Software)
Kaspersky Total Security (HKLM-x32\...\{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Kingsoft PDF to Word SDK (2.0.1) (HKLM\...\{F0915BBA-A86F-4672-807D-30F38DFC2B44}) (Version: 2.0.1 - Zhuhai Kingsoft Office Software Co.,Ltd)
Labyrinths of the World - A Dangerous Game Collectors Edition (HKLM-x32\...\Labyrinths of the World - A Dangerous Game Collectors Edition) (Version: 1.0.0 - LeeGT-Games)
Logitech Camera Diagnostic (HKLM-x32\...\LogiUCDiagnostic) (Version: 1.1.90.0 - Logitech Europe S.A.)
Logitech Options (HKLM\...\LogiOptions) (Version: - Logitech)
Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Macrium Reflect Home Edition (HKLM\...\{1B57986B-4C27-4E46-99EC-A409A5794766}) (Version: 6.3.1821 - Paramount Software (UK) Ltd.) Hidden
Macrium Reflect Home Edition (HKLM\...\MacriumReflect) (Version: 6.3 - Paramount Software (UK) Ltd.)
Magic Match (HKLM-x32\...\Magic Match) (Version: 1.0.0 - LeeGT-Games)
MahJong Suite (HKLM-x32\...\{7D4AA2B2-9513-4B4E-A939-1471E36A9F3B}) (Version: 13.0 - SamuRa1 @ SaNet.me)
MahJong Suite 2017 v14.0 (HKLM-x32\...\MahJong Suite_is1) (Version: 14.0 - TreeCardGames)
Malwarebytes Anti-Exploit version 1.12.1.67 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.12.1.67 - Malwarebytes)
Malwarebytes version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Medford Asylum Paranormal Case (HKLM-x32\...\Medford Asylum Paranormal Case1.0) (Version: 1.0 - rapidfrnds)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM-x32\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 59.0.2 (x64 en-US) (HKLM\...\Mozilla Firefox 59.0.2 (x64 en-US)) (Version: 59.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 57.0.4 - Mozilla)
Mozilla Thunderbird 45.7.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 45.7.1 (x86 en-US)) (Version: 45.7.1 - Mozilla)
MPC-HC 1.7.8 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.8 - MPC-HC Team)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Music Recorder (HKLM-x32\...\{F3570612-8403-45C2-92DD-2A261CA54BBC}) (Version: 14.1.7200.0 - Audials AG)
Nero 2016 (HKLM-x32\...\{9AFD4E43-C353-40B8-BDC6-6A80F66FA142}) (Version: 17.0.01500 - Nero AG)
Nero 2016 Content Pack (HKLM-x32\...\{006F5CFF-ED35-41AF-9B2A-F52B0F545BF4}) (Version: 17.0.00200 - Nero AG)
Nero 7 Ultra Edition (HKLM-x32\...\{CF097717-F174-4144-954A-FBC4BF301033}) (Version: 7.02.9753 - Nero AG)
Nero Info (HKLM-x32\...\{F030BFE8-8476-4C08-A553-233DE80A2BE1}) (Version: 16.0.2003 - Nero AG)
Nero MediaHome Free (HKLM-x32\...\{8D6E4AD3-7E0C-4380-BD5E-D97779505971}) (Version: 17.0.00500 - Nero AG)
Nero Prerequisite Installer 6.0 (HKLM-x32\...\{E5BAA2DF-F586-4319-BF9B-30AA50AD6B5D}) (Version: 18.0.00100 - Nero AG)
Nero Prerequisite Installer 7.0 (HKLM-x32\...\{20A619F0-E309-4434-A7ED-C270759803AA}) (Version: 19.0.00000 - Nero AG)
Nero SoundTrax (HKLM-x32\...\{1719AD70-BA9C-4878-AF32-B52EF7D68A35}) (Version: 14.0.00500 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{D0656D0B-9712-45BD-9243-21FEBF5B05E5}) (Version: 14.0.00600 - Nero AG)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
nikcollection-full-1.2.11 1.2.11.0 (HKLM-x32\...\nikcollection-full-1.2.11 1.2.11.0) (Version: 1.2.11.0 - nikcollection)
Nostradamus - The Four Horseman of the Apocalypse (HKLM-x32\...\Nostradamus - The Four Horseman of the Apocalypse) (Version: 1.0.0 - LeeGT-Games)
Numerology (HKLM-x32\...\VBNUM7) (Version: 7.3.33 - VeBest)
NVIDIA 3D Vision Controller Driver 347.09 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 347.09 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 347.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.2.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.2.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 347.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 347.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.33.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.33.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{0FDB84EB-C1FE-4684-8673-C490E3F06D16}) (Version: 21.0.1115 - O&O Software GmbH)
O&O DiskImage Professional (HKLM\...\{835A3A76-E6A3-45D8-8AE5-8FBDC04AC5A1}) (Version: 10.0.90 - O&O Software GmbH)
Oddworld - New 'n' Tasty (HKLM-x32\...\1424782569_is1) (Version: 2.0.0.1 - GOG.com)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Painter 2016 - Setup Files (HKLM\...\{D67BA419-F1DE-42C2-A319-DE5F15A05333}) (Version: 15.1.5 - Corel Corporation) Hidden
Paragon Hard Disk Manager™ 15 Professional (HKLM\...\{1E104AF0-EA49-11DE-AC07-005056C00008}) (Version: 90.00.0003 - Paragon Software)
ParticleShop - Core (HKLM\...\{539A8441-261C-42DA-8B4B-FB512F61D33B}) (Version: 1.5 - Corel Corporation) Hidden
ParticleShop - IPM (HKLM\...\{9E99AA1D-F1DC-442D-B9D9-8DD3EE529AE9}) (Version: 1.5 - Corel Corporation) Hidden
ParticleShop - IPM Content (HKLM\...\{67BDB811-383B-4D2B-870E-F27D2511F200}) (Version: 1.5 - Corel Corporation) Hidden
ParticleShop (HKLM\...\_{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.5.0.108 - Corel Corporation)
ParticleShop (HKLM\...\{6F224046-E164-4B78-9867-3AE494271D29}) (Version: 1.5 - Corel Corporation) Hidden
ParticleShop (HKLM\...\{D4F483F8-71F1-457F-AB1B-31C61529B658}) (Version: 1.5 - Corel Corporation) Hidden
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Perfection V600 User's Guide version 1.0 (HKLM-x32\...\UsersGuidePerfection V600 User's Guide_is1) (Version: 1.0 - )
Perfectly Clear Complete V3 (x64) (HKLM\...\{822954B3-8E68-4356-BD2A-7208927D4201}) (Version: 3.0.4.625 - Athentech Imaging)
ph (HKLM-x32\...\{185F9795-9663-4F13-9EF9-307A282ADB5A}) (Version: 1.0.0 - Your Company Name) Hidden
Photodex Presenter (HKLM-x32\...\Photodex Presenter) (Version: - Photodex Corporation)
Photographer's Projects Collection 2018 (HKLM\...\{8FB059E2-2B16-4FC3-924A-2268716CDBA1}) (Version: 2018 - FRANZIS PROJECTS SOFTWARE) Hidden
Photographer's Projects Collection 2018 (HKLM\...\Photographer's Projects Collection 2018 2018) (Version: 2018 - FRANZIS PROJECTS SOFTWARE)
Photomatix Pro version 6.0 (HKLM\...\PhotomatixPro6x64_is1) (Version: 6.0 - HDRsoft Ltd)
Poker Superstars III 1.00 (HKLM-x32\...\Poker Superstars III 1.00) (Version: - )
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0010 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{5F284483-EE8D-447E-BEBE-2BF13B08C4BF}) (Version: 17.0.0002 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{AD240F1A-3102-492E-B657-17969A9D5E9A}) (Version: 19.0.0003 - Nero AG) Hidden
Prerequisite installer (HKLM-x32\...\{EB511CD1-C87C-490D-A7B1-D6C47F57820F}) (Version: 18.0.0003 - Nero AG) Hidden
Print Artist Platinum 24 (HKLM-x32\...\{7568CBAC-FC7F-4EE9-8CAC-B4274FC93B4E}) (Version: 24.0.1.25 - Nova Development)
Print Artist Platinum 25 (HKLM-x32\...\{54E76A97-D5FB-4EF4-857B-838E47705B98}) (Version: 25.0.0.6 - Nova Development)
Print Artist Scrapbooks and More (HKLM-x32\...\{16FE986C-A70B-42F4-B627-6F3F8460D9BE}) (Version: 25.0.0.10 - Nova Development)
Professor Fizzwizzle and the Molten Mystery 1.00 (HKLM-x32\...\Professor Fizzwizzle and the Molten Mystery 1.00) (Version: - )
Professor Heinz Wolff's Gravity (HKLM-x32\...\{C56A4D16-FAE8-4F5F-9033-7B339CDF549B}) (Version: 1.5.0 - LeeGT-Games)
ProShow Producer (HKLM-x32\...\ProShow Producer) (Version: - Photodex Corporation)
ProShow Producer version 8.0 (HKLM-x32\...\{99F8A3F4-2F94-468A-9764-B51DEFDF7B3B}_is1) (Version: 8.0 - Photodex)
qBittorrent 4.0.3 (HKLM-x32\...\qBittorrent) (Version: 4.0.3 - The qBittorrent project)
RBVirtualFolder64Inst (HKLM\...\{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
realMyst - Masterpiece Edition (HKLM-x32\...\GOGPACKREALMYSTMASTERPIECEEDITION_is1) (Version: 2.0.0.3 - GOG.com)
Redfield Plugins (HKLM-x32\...\Redfield Plugins) (Version: - )
Restore Point Creator version 7.0 Build 4 (HKLM\...\{CC48DE1C-8EC2-43BC-9201-29701CD9AE13}_is1) (Version: 7.0 - Tom Parkison)
Rosetta Stone Language Training (HKLM-x32\...\{00384623-4937-4D7D-BDD9-23513D1C50AB}) (Version: 5.0.13.0 - Rosetta Stone, Ltd)
Rosetta Stone Ltd Services (HKLM-x32\...\{3165E4A6-D5DE-46B0-8597-D55E2B826B84}) (Version: 3.2.21 - Rosetta Stone Ltd.)
Roxio Creator NXT Pro 3 (HKLM-x32\...\{7B4B9450-39C8-454A-AA2D-6548EE4D21EB}) (Version: 16.0.50.1 - Roxio)
Roxio Virtual Drive x64 (HKLM\...\{632DCE79-2711-4B07-BB89-DA763E96840C}) (Version: 1.00.0000 - Roxio, Inc.) Hidden
Serif MoviePlus X6 (HKLM-x32\...\{E7D12C5A-7619-4673-9602-6FBBBD7E8224}) (Version: 8.0.2.021 - Serif (Europe) Ltd)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.0.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 17.12.8 - NVIDIA Corporation) Hidden
SIGMA Optimization Pro (HKLM-x32\...\{A75A7BEA-7A33-46FF-A2CD-3B0AF8023903}) (Version: 1.4.1.0 - SIGMA CORPORATION)
SimpleRockets (HKLM-x32\...\{7B38B3F0-902B-4AE8-9560-97F71050DFBB}) (Version: 1.0.0 - Jundroo)
Sky Force Reloaded (HKLM\...\DARKSiDERS - Sky Force Reloaded) (Version: - DARKSiDERS)
Sky Gamblers Storm Raiders (HKLM-x32\...\Sky Gamblers Storm Raiders_is1) (Version: - )
SmartDeblur (HKLM-x32\...\SmartDeblur_is1) (Version: 2.2 - )
Smilebox (HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\Smilebox) (Version: - )
Snagit 12 (HKLM-x32\...\{53fbf2d1-4397-4bef-9e1c-7bf5591918ac}) (Version: 12.2.2.2088 - TechSmith Corporation)
Snagit 12 (HKLM-x32\...\{979028FC-2DBF-4BB4-A9EC-4627A9D63D50}) (Version: 12.2.2 - TechSmith Corporation) Hidden
Snagit 13 (HKLM-x32\...\{30f80ad7-419b-4949-9a17-77588722fe59}) (Version: 13.1.3.7993 - TechSmith Corporation)
Snagit 13 (HKLM-x32\...\{F0EE4FB7-90E5-445A-84BD-EA3844994034}) (Version: 13.1.3 - TechSmith Corporation) Hidden
SolSuite 2016 v16.5 (HKLM-x32\...\SolSuite_is1) (Version: 16.5 - TreeCardGames)
Space Strike (HKLM-x32\...\{3773CF5E-58AC-4B18-8665-8EEE8FF9E106}) (Version: 1.0.0 - LeeGTs Games)
Speedtest by Ookla (HKLM\...\{4CB99888-11EE-4B49-BC91-447FF7FCD975}) (Version: 1.0.14.001 - Ookla)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Spyder4Elite (HKLM-x32\...\Spyder4Elite) (Version: - )
Spyder4Pro (HKLM-x32\...\Spyder4Pro) (Version: - )
Star Defender 4 (HKLM-x32\...\{14527060-7EC2-46BE-8AC1-CFE950DA3E24}) (Version: 1.00.0000 - Valusoft)
Stashimi Stub Installer (HKLM-x32\...\{910B539D-F257-46C8-9CB8-6C95EFF9CF22}) (Version: 18.001.1 - Nero AG) Hidden
Super Cyborg - Steam Edition (HKLM-x32\...\Super Cyborg - Steam Editionv1.23) (Version: v1.23 - Artur Games)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
The Mystery of a Lost Planet (HKLM-x32\...\The Mystery of a Lost Planet1.0) (Version: 1.0 - www.rapidfrnds.com)
The Print Shop 4.0 Fonts (HKLM-x32\...\{F5E57EC6-FE42-4140-90CD-3A5559B42C96}) (Version: 1.00.0000 - Encore)
The Print Shop 4.0 Professional (HKLM-x32\...\{B9B030ED-7634-4FC1-B1F7-7F1A7445EB72}) (Version: 1.00.0000 - Encore)
The Swindle (HKLM-x32\...\1436971395_is1) (Version: 2.5.0.8 - GOG.com)
Thermal Radar 2 (HKLM-x32\...\{0090086B-0FDF-4ED5-B99E-CF059944BB2B}) (Version: - )
Topaz Adjust 5 (HKLM-x32\...\Topaz Adjust 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1.0 - Topaz Labs, LLC)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.2.0 - Topaz Labs, LLC)
Topaz DeJpeg 4 (HKLM-x32\...\Topaz DeJpeg 4) (Version: 4.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.1.0 - Topaz Labs, LLC)
Topaz DeNoise 6 (HKLM-x32\...\Topaz DeNoise 6) (Version: 6.0.1 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.3.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (64-bit) (HKLM-x32\...\Topaz Fusion Express 2 (64-bit)) (Version: 2.1.1 - Topaz Labs)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.1 - Topaz Labs)
Topaz Glow (HKLM\...\Topaz Glow) (Version: 1.0.1 - Topaz Labs, LLC)
Topaz Glow 2 (HKLM\...\Topaz Glow 2) (Version: 2.0.0 - Topaz Labs, LLC)
Topaz Impression 2 (HKLM\...\Topaz Impression 2) (Version: 2.0.3 - Topaz Labs, LLC)
Topaz InFocus (HKLM-x32\...\Topaz InFocus) (Version: 1.1.0 - Topaz Labs, LLC)
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz ReMask 4 (HKLM-x32\...\Topaz ReMask 4) (Version: 4.0.0 - Topaz Labs, LLC)
Topaz ReMask 5 (HKLM-x32\...\Topaz ReMask 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz ReStyle (HKLM-x32\...\Topaz ReStyle) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.1.1 - Topaz Labs, LLC)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.2.0 - Topaz Labs, LLC)
Topaz Studio (HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\{c5962455-0bcd-42dc-8af6-b16454f77e37}) (Version: 1.0.5 - Topaz Labs, LLC)
Topaz Texture Effects (HKLM\...\Topaz Texture Effects) (Version: 1.1.0 - Topaz Labs, LLC)
TotalAV (HKLM-x32\...\TotalAV) (Version: 4.4.12 - TotalAV)
TuneUp Utilities 2014 (en-US) (HKLM-x32\...\{14C8CE46-C68C-461B-BCA9-E276A85851C6}) (Version: 14.0.1000.353 - TuneUp Software) Hidden
Turtix 1 & 2 (HKLM-x32\...\Turtix 1 & 2) (Version: 2.2.2 - LeeGT-Games)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Update EPSON Stylus Photo R2880 icc profile Glossy (HKLM-x32\...\{3947135B-6AD6-4485-B9B1-5DD7B3DE3147}) (Version: - )
Video Card Stability Test (HKLM-x32\...\Video Card Stability Test) (Version: v.1.0.0.3 - FreeStone Group)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VueScan x64 (HKLM\...\VueScan x64) (Version: - )
Water Bugs 1.15 (HKLM-x32\...\Water Bugs 1.15) (Version: - )
Wave of Time (HKLM-x32\...\Wave of Time) (Version: 1.0.0 - LeeGT-Games)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WhoCrashed 4.01 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Leaf Imaging Ltd. Image (12/03/2014 1.2.0.0) (HKLM\...\B758007C752D28F7C3542875CEEBDADCAE5941AE) (Version: 12/03/2014 1.2.0.0 - Leaf Imaging Ltd.)
Windows Driver Package - Phase One A/S (WinUSB) USBDevice (12/03/2014 1.13.0.0) (HKLM\...\7C6570ABBEB2F08EFBC23ED7925AE72DA6167BD8) (Version: 12/03/2014 1.13.0.0 - Phase One A/S)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Wondershare DVD Creator(Build 3.1.0) (HKLM-x32\...\Wondershare DVD Creator_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.5.2 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.2 - Wondershare)
WPS Office (10.2.0.6020) (HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\Kingsoft Office) (Version: 10.2.0.6020 - Kingsoft Corp.)
Your Uninstaller! 7 (HKLM-x32\...\YU2010_is1) (Version: 7.5.2013.2 - URSoft, Inc.)
Zombie Bowl-O-Rama (HKLM-x32\...\Zombie Bowl-O-Rama) (Version: 1.0.0.2 - LeeGT-Games)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3207529590-585244797-2999148210-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3207529590-585244797-2999148210-1000_Classes\CLSID\{70239788-4DAE-49B8-9270-5D8614384B49}\InprocServer32 -> C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd)
CustomCLSID: HKU\S-1-5-21-3207529590-585244797-2999148210-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers1: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => -> No File
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers1: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers1: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => -> No File
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2017-09-07] (O&O Software GmbH)
ContextMenuHandlers1: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd)
ContextMenuHandlers1: [Roxio Burn] -> {E8CB9D53-A47A-42B5-9F5B-96B037C9DD4C} => C:\Program Files\Roxio\Roxio Burn\RB_ContextMenu64.dll [2012-07-05] ()
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 13\DLLx64\SnagitShellExt64.dll [2017-05-12] (TechSmith Corporation)
ContextMenuHandlers1: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2014-10-24] ()
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => -> No File
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2017-09-07] (O&O Software GmbH)
ContextMenuHandlers2: [OODIDismount] -> {5B036813-4E35-4421-ADCB-E06925C7A7ED} => C:\Program Files\OO Software\DiskImage\oodishd.dll [2015-09-29] (O&O Software GmbH)
ContextMenuHandlers2: [ReflectShellExt] -> {DEBB9B79-B3DD-47F4-9E5C-EA6975BAB611} => C:\Program Files\Macrium\Reflect\RContextMenu.dll [2015-10-12] (Paramount Software UK Ltd)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-10] (Google)
ContextMenuHandlers4: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => -> No File
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 13\DLLx64\SnagitShellExt64.dll [2017-05-12] (TechSmith Corporation)
ContextMenuHandlers4: [TuneUp Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => -> No File
ContextMenuHandlers4: [TuneUp Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-02-05] (NVIDIA Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-02-10] ()
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => -> No File
ContextMenuHandlers6: [IObitUnstaler] -> {B19ED566-D419-470b-B111-3C89040BC027} => -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 16.0.0] -> {C845F70F-050A-4052-81DE-587D90C20FE8} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2017-09-07] (O&O Software GmbH)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-08-22] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-3207529590-585244797-2999148210-1000: [kpdf2wordshellext] -> {70239788-4DAE-49B8-9270-5D8614384B49} => C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\addons\kpdf2wordshellext\kpdf2wordshellext64.dll [2018-04-03] (Zhuhai Kingsoft Office Software Co.,Ltd)
ContextMenuHandlers1_S-1-5-21-3207529590-585244797-2999148210-1000: [RXDCExtSvr] -> {1F6DE925-8416-40D4-BC66-D69DB9D4360B} => -> No File
ContextMenuHandlers2_S-1-5-21-3207529590-585244797-2999148210-1000: [RXDCExtSvr] -> {1F6DE925-8416-40D4-BC66-D69DB9D4360B} => -> No File
ContextMenuHandlers6_S-1-5-21-3207529590-585244797-2999148210-1000: [RXDCExtSvr] -> {1F6DE925-8416-40D4-BC66-D69DB9D4360B} => -> No File
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0AB588A2-F998-4EDB-A680-5F4493FC5127} - System32\Tasks\{1C2B8BE9-64A9-4A33-8404-506E2DEF4F0C} => C:\Windows\system32\pcalua.exe -a C:\DOWNLOADS\epson13413(1).exe -d C:\DOWNLOADS
Task: {10343D5B-38E8-46DA-94FB-ADFCE0BFDAB4} - System32\Tasks\{2A0B6C41-F09A-46CA-A26F-0B715BA5447C} => C:\Program Files (x86)\The Land of Pain\bin\win_x64\The Land Of Pain.exe
Task: {126FD816-0EF5-4983-8073-F1FE884CF28E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {1506AC8E-871D-46AB-94A8-7E4A79CCE7CA} - System32\Tasks\{125C85A4-E39A-4924-B227-A9C30C4EF5DB} => C:\Program Files (x86)\Helicon Software\Helicon Remote\HeliconRemote.exe
Task: {16DE5E3B-C98A-463E-9C40-319D50179D23} - System32\Tasks\{BBC0BE64-B8A9-4CBC-A739-935F0AB691ED} => H:\AUTO.EXE
Task: {170F1619-35DF-4FC7-AF18-20BE9E7FBDEC} - System32\Tasks\{AF30A456-2C78-4583-B66F-A6D96C1C5C17} => C:\Program Files (x86)\VeBest\Numerology7\VBNC 7.3.35 patcher.exe
Task: {1C4F05FC-2C05-4ECA-806F-7F59E78F95C6} - System32\Tasks\{EEFB271E-8D1A-4C3A-804E-4C1935EA7730} => C:\Windows\system32\pcalua.exe -a "C:\DOWNLOADS\Nero 2015 Platinum v16.0.03000 Multilingual + Content Pack - [FirstUploads]\Nero2015_setup-16.0.03000_trial.exe" -d "C:\DOWNLOADS\Nero 2015 Platinum v16.0.03000 Multilingual + Content Pack - [FirstUploads]"
Task: {1D064229-30ED-4563-84B4-9979C30D571B} - System32\Tasks\{CE4C1F39-4F69-409B-8D42-D5DB5BD14E7C} => C:\DOWNLOADS\GWARS\GWARS.EXE
Task: {2226C45F-0405-422D-949C-F72C5F0D93B2} - System32\Tasks\Restart Snagit => C:\Program Files (x86)\TechSmith\Snagit 13\snagit32.exe [2017-05-12] (TechSmith Corporation)
Task: {2614AC8A-F8C0-4427-8A2A-FF6E3672823E} - System32\Tasks\{BE68C178-58F3-492F-967C-5E6734F211A6} => C:\Program Files (x86)\VeBest\Numerology7\VBNC 7.3.35 patcher.exe
Task: {27BAB900-951A-4F38-B848-7465F3C1712B} - System32\Tasks\peasantry_atleast => C:\Program Files (x86)\Weltanschauung\Pataki.exe
Task: {27D39F90-7DA7-44D8-B5F3-F943E9D052BA} - System32\Tasks\{00AA8307-4F08-4DA7-B089-98EDCE42DBC0} => H:\AUTO.EXE
Task: {2ADF05A9-37E6-4A03-9707-D8A6BEB8CE38} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe [2016-11-14] (Microsoft Corporation)
Task: {2D6DC17D-7996-438E-AA75-411C51C8FBF9} - System32\Tasks\GoogleUpdate => C:\Users\Gpa-Jim\AppData\Roaming\Google\downloader.exe <==== ATTENTION
Task: {2E4B22E1-32EF-4C11-B744-EF4A28CDBCF0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-02-07] (Piriform Ltd)
Task: {2F2A5EBB-9263-4D59-AEA0-309B253455BC} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {334486C3-FC11-431E-822E-BC042A5DED3A} - System32\Tasks\KMSAutoNet => C:\ProgramData\KMSAutoS\KMSAuto Net.exe
Task: {36AB5D73-826D-4314-A586-F29E879AD35A} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_29_0_0_140_Plugin.exe [2018-04-10] (Adobe Systems Incorporated)
Task: {39E4AEF9-9078-4AB5-83A5-FA95B6DEDC7A} - System32\Tasks\gaalsoalso => C:\Program Files (x86)\concomitant\concomitant.exe
Task: {3C9543FD-5D0D-477B-904D-5812C4B9B620} - System32\Tasks\Mighty Checker => C:\Users\Gpa-Jim\AppData\Roaming\Mighty Checker\Mighty Checker.exe <==== ATTENTION
Task: {3DC6F8E2-6DFB-49EB-9942-7BAB639DFC1C} - System32\Tasks\{C874408B-6E37-4DD3-A298-8462981DB1B3} => C:\Program Files (x86)\The Land of Pain\bin\win_x64\The Land Of Pain.exe
Task: {3EF31DEA-F6CE-4C74-9E0B-8A2CD003AD48} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Restore Point) (For User Gpa-Jim) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-04-16] ()
Task: {410B1E99-A0CC-4010-8575-828BC4453C2B} - System32\Tasks\gapeasantry_atleastpeasantry_atleast => C:\Program Files (x86)\Weltanschauung\Pataki.exe
Task: {4112B089-3B39-4955-AFCA-CF46E909B49B} - System32\Tasks\{BE2A78DC-0CFF-4B30-9127-9BB939797B35} => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
Task: {43739129-0786-4F58-ACFD-EE6F8700B2AC} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Keep X Number of Restore Points) (For User Gpa-Jim) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-04-16] ()
Task: {4B886D5F-B77D-4393-8713-595CB8FB15C3} - System32\Tasks\gageste medicated consistantgeste medicated consistant => C:\Users\Gpa-Jim\AppData\Local\Pataki.exe [2018-04-16] ()
Task: {4C8E4446-1043-4B22-8EED-35EB644278FE} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar 2\DIPAwayMode\DipAwayMode.exe
Task: {4E4FC93F-9CF1-4D76-8E30-098F28A8ABB4} - System32\Tasks\gagymnasts-macintoshgymnasts-macintosh => C:\Program Files (x86)\moroccan\increased.exe
Task: {4F602635-BBFB-4574-A566-9591AB3C3251} - System32\Tasks\trouble_warder => C:\Users\Gpa-Jim\AppData\Local\increased.exe
Task: {5285CBEB-2766-45F3-B3EA-4C8BCF54170F} - System32\Tasks\AdobeAAMUpdater-1.0-Gpa-Jim-PC-Gpa-Jim => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {57511145-C128-42FC-979A-BEC468EB236C} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Create Custom Restore Point) (For User Gpa-Jim) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-04-16] ()
Task: {5B0A91C8-30E7-41CB-8622-989067010E94} - System32\Tasks\GoogleUpdateClient => C:\Users\Gpa-Jim\AppData\Roaming\Google\downloader.exe <==== ATTENTION
Task: {5C6478F5-9853-4EFB-8DCA-33996A9B20AB} - System32\Tasks\geste medicated consistant => C:\Users\Gpa-Jim\AppData\Local\Pataki.exe [2018-04-16] ()
Task: {66448594-C695-4473-BCD7-EF76180FBF2A} - System32\Tasks\{7EA8615A-15A6-486F-9D09-CACFC7F5F0FA} => H:\AUTO.EXE
Task: {664B779A-CD63-48BC-8775-6DD1D06CA486} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2017-05-12] (TechSmith Corporation)
Task: {67194715-AA7A-4801-B893-23F1F57402C5} - System32\Tasks\{88B4E183-F75F-4524-9B4D-FD7D29C8B502} => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
Task: {68201ED4-05A1-45A6-B072-57F352B2A7FF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6D811CFF-7BC3-47F7-B77C-40950CE43ED2} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (For User Gpa-Jim) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-04-16] ()
Task: {79E37E55-95E3-4AB5-BB96-F0B7F7E747D4} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2016-03-01] (Nero AG)
Task: {7AD4A031-AD22-4277-9499-4BE02575AEE1} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-02-08] ()
Task: {7F688F78-D69B-4B27-9107-7CBB1A203891} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {8359B509-037F-48E7-A5B2-EB3A82743E43} - System32\Tasks\garesumed pounceresumed pounce => C:\Program Files (x86)\Weltanschauung\increased.exe
Task: {861EC952-0CEE-477E-AEEC-72332BD757DC} - System32\Tasks\WpsUpdateTask_Gpa-Jim => C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\wtoolex\wpsupdate.exe [2018-04-03] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {8B02128B-3D97-4C30-90FF-FA2EBE9E51BD} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2013-08-27] (ASUSTek Computer Inc.)
Task: {8B297E32-1D39-40CE-A5D3-27B8A64A2BC6} - System32\Tasks\{DA9B580C-C680-40C0-B58B-0C574EA050C0} => C:\Program Files (x86)\The Land of Pain\bin\win_x64\The Land Of Pain.exe
Task: {93CC0E51-232C-4F95-86C8-32B6BA9BBD32} - System32\Tasks\gamulroymulroy => C:\Program Files (x86)\Undocumented\Pataki.exe
Task: {96B69112-159C-4B8F-AA52-1A25CC9117A0} - System32\Tasks\{2C602AC4-E69A-4DD2-8BF5-A9AAA8517EAD} => H:\Auto.exe
Task: {AB995FE0-4AEB-4BA6-A4A2-57DB02EC6955} - System32\Tasks\gymnasts-macintosh => C:\Program Files (x86)\moroccan\increased.exe
Task: {AD9152E7-FCEB-40CD-9076-98D5F35BEC23} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-02-23] (Corel Corporation)
Task: {AE1571FC-894A-4B12-A869-F099D2DAE1CC} - System32\Tasks\Trojan Remover => C:\Program Files\Loaris\Trojan Remover\ltr.exe
Task: {B0514BDD-F078-49A7-9817-F5587ACBB217} - System32\Tasks\{9584FE1B-FD69-4790-B9F5-86AD5E753529} => C:\Windows\system32\pcalua.exe -a C:\DOWNLOADS\Nero2016-17.0.01500.exe -d C:\DOWNLOADS
Task: {B373E0E7-619B-455C-B1EC-9C2E34C4AF57} - System32\Tasks\also => C:\Program Files (x86)\concomitant\concomitant.exe
Task: {B463E053-9760-4E4E-90EF-F75BBECFF4FD} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite III\AsRoutineController.exe [2010-11-26] (ASUSTeK Computer Inc.)
Task: {B73EC5E3-8052-4EF9-9759-3FADB064AB89} - System32\Tasks\{D743DEAB-5116-4F27-8FE0-906CB840BB91} => C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe [2017-01-17] (Adobe Systems Incorporated)
Task: {B9D53943-4F2E-4237-8013-EEE5DF002880} - System32\Tasks\ASUS\GpuFanHelper => C:\Program Files (x86)\ASUS\AI Suite III\Thermal Radar 2\GpuFanHelper.exe [2014-04-25] (TODO: <Company name>)
Task: {C28C595B-84B1-4097-9F77-6FEBE1C590E2} - System32\Tasks\{24121CCA-386E-4A36-850C-DBA0175FB8C8} => C:\Program Files (x86)\NordVPN beta\NordVPN.exe
Task: {CDABAD10-7C69-4193-B22D-21BD595B6C4D} - System32\Tasks\{0B2CCE59-24A0-42C4-B52D-F38A56674E15} => C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe [2017-05-12] (TechSmith Corporation)
Task: {CDDCAAB7-4F66-4E73-BB2A-07F8C516278C} - System32\Tasks\{FCF66A75-E455-4BDB-A31F-F1AAA6CC8B5A} => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
Task: {CE49152B-CE05-4C54-92D6-957948D3FE94} - System32\Tasks\AdobeGCInvoker-1.0-Gpa-Jim-PC-Gpa-Jim => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {DB353E37-EB14-4B24-8F29-34C61846BCCD} - System32\Tasks\{37E97FAD-1AAE-4FEC-8A3D-B507E05F7204} => C:\Program Files (x86)\VeBest\Numerology7\VBNC 7.3.35 patcher.exe
Task: {DC433B59-C3E5-46C4-AA03-7A4AD1ECFEFF} - System32\Tasks\mulroy => C:\Program Files (x86)\Undocumented\Pataki.exe
Task: {E3092E81-9195-4EBB-9209-9F22D5F32EB2} - \AutoPico Daily Restart -> No File <==== ATTENTION
Task: {EC1D1DC4-7DD8-48EA-AF70-6C110891DE8D} - System32\Tasks\gatrouble_wardertrouble_warder => C:\Users\Gpa-Jim\AppData\Local\increased.exe
Task: {F093B5C7-8E62-49BC-B16D-CF7921E2ACD9} - System32\Tasks\resumed pounce => C:\Program Files (x86)\Weltanschauung\increased.exe
Task: {F2DBB605-0EC8-4875-8507-CE4698F6A6BE} - System32\Tasks\{321375EC-67AD-41BA-9163-9672916C8138} => H:\AUTO.EXE
Task: {F6A689C1-2F3E-4BFF-9876-F50A107B113F} - System32\Tasks\Restore Point Creator\Restore Point Creator -- Run with no UAC (Delete old Restore Points) (For User Gpa-Jim) => C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe [2018-04-16] ()
Task: {F6DB0844-682E-4F68-9030-EEC94D6921A8} - System32\Tasks\{E828603B-8F78-4138-A189-9F32BBA4C13E} => C:\Program Files (x86)\TechSmith\Snagit 13\Snagit32.exe [2017-05-12] (TechSmith Corporation)
Task: {F9104804-470E-48B3-A3BC-7EBFEB270EA7} - System32\Tasks\{047C46A9-DC95-4E9A-984D-9FA39F0C8760} => H:\AUTO.EXE
Task: {FD0F8DB9-D2F2-439A-AAB0-844AD924E09F} - System32\Tasks\WpsExternal_Gpa-Jim_20180403112517 => C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2018-04-03] (Zhuhai Kingsoft Office Software Co.,Ltd)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () -> --profile-directory=Default --app-id=blpebaehgfgkcmmjjknibibbjacnplim
==================== Loaded Modules (Whitelisted) ==============
2017-04-17 22:33 - 2015-02-05 15:07 - 000117576 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-02-10 02:12 - 2018-02-10 02:12 - 000614856 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2015-04-14 20:47 - 2014-10-24 14:16 - 000721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2015-01-11 03:16 - 2014-04-24 02:29 - 001360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2015-05-31 23:57 - 2016-07-24 15:00 - 000186760 _____ () C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe
2015-01-11 03:16 - 2014-01-27 23:16 - 000936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2018-02-27 21:08 - 2018-02-27 21:08 - 034523072 _____ () C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
2018-04-17 21:05 - 2018-04-16 10:49 - 000010752 _____ () C:\Users\Gpa-Jim\AppData\Local\Pataki.exe
2018-02-14 06:03 - 2018-02-14 06:03 - 067115984 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2016-03-04 15:10 - 2016-03-04 15:10 - 000800768 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\opencv_photo310.dll
2016-03-04 15:10 - 2016-03-04 15:10 - 020629504 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\opencv_imgproc310.dll
2016-03-04 15:10 - 2016-03-04 15:10 - 008968192 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\opencv_core310.dll
2016-01-27 18:05 - 2016-01-27 18:05 - 008968192 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\opencv_core300.dll
2016-01-27 18:05 - 2016-01-27 18:05 - 020629504 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\opencv_imgproc300.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 001152512 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\cairo.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000601088 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\fontconfig.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 001015296 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\libxml2.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000023552 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\iconv.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000588288 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\pixman-1.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000165888 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\libpng16.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000071680 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\zlib1.dll
2015-12-04 15:02 - 2015-12-04 15:02 - 000778240 _____ () C:\Program Files (x86)\TechSmith\Snagit 13\harfbuzz.dll
2015-01-11 03:16 - 2018-04-17 16:06 - 000036864 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-01-11 03:16 - 2014-01-27 23:16 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2018-01-30 09:38 - 2018-01-30 09:38 - 000118272 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2018-01-30 09:39 - 2018-01-30 09:39 - 000214528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2018-01-30 09:38 - 2018-01-30 09:38 - 000117248 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2018-01-30 09:38 - 2018-01-30 09:38 - 000125952 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2018-02-14 06:26 - 2018-02-14 06:26 - 000111056 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\build\Release\ProxyResolverWin7.dll
2018-01-30 09:38 - 2018-01-30 09:38 - 000086528 _____ () \\?\C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2014-03-20 15:43 - 2014-03-20 15:43 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000062592 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\krpt.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 009108096 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\QtCore4.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000198784 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\wpscloudsvrimp.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000895616 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\QtNetwork4.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000274560 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\curls.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 011409536 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\QtWebKit4.DLL
2018-04-03 11:24 - 2018-04-03 11:24 - 000246400 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\phonon4.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000187520 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\addons\kpluginrunner\kpluginrunner.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000052352 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\rubyenv.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 002252416 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\ruby.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 000249984 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\qtruby4.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000030336 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\smokebase.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 003613312 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\smokeqtcore.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 001013888 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\smokekso.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 000045184 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\win32api.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 000080512 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\win32ole.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 000027264 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\qtwebkitruby.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 000275072 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\smokeqtwebkit.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 001047168 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\QtScript4.dll
2018-04-03 13:56 - 2018-04-03 13:56 - 000028800 _____ () C:\Users\Gpa-Jim\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.201803.0\strscan.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000035968 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\qt\plugins\imageformats\qgif4.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000037504 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\qt\plugins\imageformats\qico4.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000173184 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\qt\plugins\imageformats\qjpeg4.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000273024 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\qt\plugins\imageformats\qtiff4.dll
2018-04-03 11:24 - 2018-04-03 11:24 - 000134272 _____ () C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\qt\plugins\imageformats\qwdp4.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\ProgramData\TEMP:04FCF942 [146]
AlternateDataStreams: C:\ProgramData\TEMP:1CE11B51 [174]
AlternateDataStreams: C:\ProgramData\TEMP:796FAB96 [123]
AlternateDataStreams: C:\ProgramData\TEMP:7DC6E295 [116]
AlternateDataStreams: C:\ProgramData\TEMP:8B1667C1 [109]
AlternateDataStreams: C:\ProgramData\TEMP:B0177106 [147]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3207529590-585244797-2999148210-1000\...\webcompanion.com -> hxxp://webcompanion.com
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2017-04-09 17:27 - 2018-04-16 13:47 - 000000523 _____ C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 acdid.acdsystems.com
162.222.193.86 aoaomo.tremorhub.com
188.95.50.62 bobomo.tremorhub.com
162.222.193.86 www.howcast.com
162.222.193.86 howcast.com
162.222.193.86 www.ustream.tv
162.222.193.86 ustream.tv
162.222.193.86 www.livestream.com
162.222.193.86 livestream.com
162.222.193.86 www.dailymotion.com
162.222.193.86 dailymotion.com
192.192.3.8 www.virustotal.com
192.192.3.8 virustotal.com
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3207529590-585244797-2999148210-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\Services: ASGT => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Event Planner Reminder.lnk => C:\Windows\pss\Event Planner Reminder.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SpyderUtility.lnk => C:\Windows\pss\SpyderUtility.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^System Mechanic.lnk => C:\Windows\pss\System Mechanic.lnk00A7453D.startup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TSC_SI_13.lnk => C:\Windows\pss\TSC_SI_13.lnk.CommonStartup
MSCONFIG\startupreg: acdIDInTouch2.exe => "C:\Program Files (x86)\ACD Systems\ACDSee Video Converter Pro 5\acdIDInTouch2.exe"
MSCONFIG\startupreg: Acrobat Assistant 8.0 =>
MSCONFIG\startupreg: Acrotray.exe =>
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeGCInvoker-1.0 => "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
MSCONFIG\startupreg: AiChargerPlus.exe =>
MSCONFIG\startupreg: boincmgr =>
MSCONFIG\startupreg: boinctray =>
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: CCleaner64.exe => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: chrmstp.exe => "C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.119\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
MSCONFIG\startupreg: CloneCDTray.exe => "C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: Corsair Utility Engine => "C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe" --autorun
MSCONFIG\startupreg: Creative Cloud.exe =>
MSCONFIG\startupreg: EarthAlerts => C:\Program Files (x86)\Earth Alerts\EarthAlerts.exe
MSCONFIG\startupreg: EarthAlerts.exe => C:\Program Files (x86)\Earth Alerts\EarthAlerts.exe
MSCONFIG\startupreg: EEventManager.exe => "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
MSCONFIG\startupreg: ExpressTray.exe => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: FlashUtil32_16_0_0_305_Plugin.exe =>
MSCONFIG\startupreg: FreeAC => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe -autorun
MSCONFIG\startupreg: googledrivesync.exe => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: GUDelayStartup => "C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe" -delayrun
MSCONFIG\startupreg: jusched.exe => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: jv16 PT 2017 (System Startup Check) => "C:\Program Files (x86)\jv16 PowerTools 2017\jv16pt_PreWorker2.exe" /SysStartupCheck /PT:"C:\Program Files (x86)\jv16 PowerTools 2017\"
MSCONFIG\startupreg: jv16pt_PreWorker2.exe => "C:\Program Files (x86)\jv16 PowerTools 2017\jv16pt_PreWorker2.exe" /SysStartupCheck /PT:"C:\Program Files (x86)\jv16 PowerTools 2017\"
MSCONFIG\startupreg: LWS.exe => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: Malwarebytes TrayApp => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: mbae.exe => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: mbamtray.exe => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
MSCONFIG\startupreg: MSC => "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: OODefragTray =>
MSCONFIG\startupreg: oodtray.exe =>
MSCONFIG\startupreg: PUA.exe =>
MSCONFIG\startupreg: ReminderApp.exe => C:\Program Files (x86)\Nova Development\Print Artist Platinum 24\ReminderApp.exe
MSCONFIG\startupreg: UpdaterStartupUtility.exe => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: WsAppService.exe => C:\Program Files (x86)\Wondershare\WAF\2.4.3.229\WsAppService.exe
MSCONFIG\startupreg: WTabletServiceCon.exe => C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
MSCONFIG\startupreg: yasushi => "C:\Program Files (x86)\Undocumented\Pataki.exe" lak
MSCONFIG\startupreg: yasushidowner => "C:\Program Files (x86)\moroccan\increased.exe" lak
MSCONFIG\startupreg: yasushiyasushi => "C:\Program Files (x86)\Weltanschauung\Pataki.exe" lak
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{B19F6C19-129F-4DDB-A500-E3DF04AFD8D0}] => (Block) %ProgramFiles%\CCleaner\CCleaner.exe
FirewallRules: [{67221386-65B5-47FE-BFA4-B85AF1FC03A6}] => (Allow) LPort=31931
FirewallRules: [{E25F56A0-D828-4836-BB61-CEC91E279CA1}] => (Allow) LPort=14714
FirewallRules: [{5A457A3B-6327-4B82-A5AC-E3DA9B6AE09F}] => (Allow) LPort=12972
FirewallRules: [{4CD6AA6A-D04E-478F-B327-F8DBD39E4AA5}] => (Allow) C:\Program Files (x86)\Music Recorder\Music Recorder 2016\Audials.exe
FirewallRules: [{7423B35B-5315-4CDD-A517-C2723BE790BD}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE
FirewallRules: [{FB469D6E-6D1B-479D-BC83-1DB059421E7E}] => (Block) %ProgramFiles% (x86)\Photodex\ProShow Producer\proshow.exe
FirewallRules: [UDP Query User{502D6546-D203-444D-B9CA-4F23422360BA}C:\program files (x86)\helicon remote\heliconremote.exe] => (Allow) C:\program files (x86)\helicon remote\heliconremote.exe
FirewallRules: [TCP Query User{E52ED23F-92B3-4752-96E0-1C72A8BE82E2}C:\program files (x86)\helicon remote\heliconremote.exe] => (Allow) C:\program files (x86)\helicon remote\heliconremote.exe
FirewallRules: [{7356A052-AD48-4C51-AFC8-6561E4969340}] => (Block) %SystemDrive%\games\MahJong Suite\MahJongSuite.exe
FirewallRules: [UDP Query User{34C84A81-CAA3-4A33-9745-697E59A3C40D}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Block) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
FirewallRules: [TCP Query User{36C4B339-7040-41E7-869C-A8CCD3A4166C}C:\program files\onone software\perfect effects 9\perfect effects 9.exe] => (Block) C:\program files\onone software\perfect effects 9\perfect effects 9.exe
FirewallRules: [{8E2F9558-58B9-4158-B4EB-17863DCA5125}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\nero.exe
FirewallRules: [{9BB92532-D6F8-4F51-BB03-AAAEB1837663}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [{5D581145-2E74-45F6-98E5-4B3D82548A47}] => (Allow) C:\Program Files (x86)\Nero\Nero 2016\Nero Burning ROM\StartNBR.exe
FirewallRules: [{E8C5B7E1-64A7-481E-A814-4B683555C3AD}] => (Allow) C:\Program Files (x86)\Nero\KM\NMDllHost.exe
FirewallRules: [UDP Query User{57EE5F4E-E83E-48BD-9949-58DFDB90E85C}C:\program files (x86)\helicon remote\heliconremote.exe] => (Allow) C:\program files (x86)\helicon remote\heliconremote.exe
FirewallRules: [TCP Query User{C5DAF7EA-90C8-4C7D-931E-23B63817262C}C:\program files (x86)\helicon remote\heliconremote.exe] => (Allow) C:\program files (x86)\helicon remote\heliconremote.exe
FirewallRules: [{4655A265-EFD5-441A-A692-A45C59521B90}] => (Block) %ProgramFiles%\VueScan\vuescan.exe
FirewallRules: [{E978BA20-C3DE-4D74-BF06-969E177BDE7B}] => (Block) %ProgramFiles%\VueScan\vuescan.exe
FirewallRules: [{EA438C44-544C-4667-BA0B-B04F23A6B6F9}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
FirewallRules: [{07B822BA-671A-4CEF-9CC1-ADFA9E53CBFD}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
FirewallRules: [{4FE549F8-6FDB-4EDF-AAB5-0E0770D1F033}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
FirewallRules: [{6EC06B6B-D8C3-4C03-97D6-D42D9C59977B}] => (Allow) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
FirewallRules: [{A478F502-780D-4C28-ABAE-96A0A4FC8A3C}] => (Allow) LPort=8317
FirewallRules: [{07C4A267-AA48-4860-8B44-3891556087FE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{05AE45AE-AA39-4290-A527-4FC66A2185E5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{F116D73A-1227-42B8-9816-F1BBDA6E1656}] => (Block) %ProgramFiles%\PhotomatixPro6\PhotomatixPro.exe
FirewallRules: [{6E3340D0-795C-4D0E-80B0-79252A581778}] => (Allow) LPort=8298
FirewallRules: [{75828AE8-B52C-4356-86AD-18C20294413C}] => (Allow) C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\wpscloudsvr.exe
FirewallRules: [TCP Query User{34EFBB9C-69EC-4C43-A668-556872F30579}C:\games\oddworld - new 'n' tasty\nnt.exe] => (Block) C:\games\oddworld - new 'n' tasty\nnt.exe
FirewallRules: [UDP Query User{A801C0D9-866D-4849-AA11-25EB57597D4B}C:\games\oddworld - new 'n' tasty\nnt.exe] => (Block) C:\games\oddworld - new 'n' tasty\nnt.exe
FirewallRules: [{A4BB7305-A629-459C-993C-3AF006D49290}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{CD207A49-8BA8-43AA-82DE-A059F6433BAB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe
FirewallRules: [{9A3F513F-EB03-46BD-88C6-03A5D5985CC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{90B823E0-A09E-47F8-B93C-439AE1BD65FB}] => (Allow) C:\Program Files (x86)\Undocumented\Pataki.exe
FirewallRules: [{176A2F8E-7CF7-4932-A33C-972583CBDB2E}] => (Allow) C:\Program Files (x86)\Weltanschauung\Pataki.exe
FirewallRules: [{49DCAA3D-8DFE-4812-AAF4-30F3EBE21914}] => (Allow) C:\Program Files (x86)\moroccan\increased.exe
FirewallRules: [{B5591EE5-AC58-4B6D-B592-E1930EC622BD}] => (Allow) C:\Program Files (x86)\Weltanschauung\increased.exe
FirewallRules: [TCP Query User{661256A8-E673-426D-8E2E-7050A2D4F450}C:\games\oddworld - new 'n' tasty\nnt.exe] => (Allow) C:\games\oddworld - new 'n' tasty\nnt.exe
FirewallRules: [UDP Query User{878C7FF2-1C51-43CE-94E9-EEA36197873D}C:\games\oddworld - new 'n' tasty\nnt.exe] => (Allow) C:\games\oddworld - new 'n' tasty\nnt.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Delivery Tech Corp\Labeljoy 6\Labeljoy6.exe] => Enabled:Labeljoy
==================== Restore Points =========================
04-04-2018 21:16:50 Windows Update
04-04-2018 21:26:35 Before uninstalling The Land of Pain
08-04-2018 12:46:19 Windows Update
11-04-2018 17:25:15 Windows Update
14-04-2018 11:51:17 Installed Earth Alerts.
15-04-2018 23:19:40 Windows Update
16-04-2018 19:51:32 Restore Operation
17-04-2018 03:00:19 Windows Update
==================== Faulty Device Manager Devices =============
Name: ANOD Network Security Filter driver
Description: ANOD Network Security Filter driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: anodlwf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Kaspersky Anti-Virus NDIS 6 Filter
Description: Kaspersky Anti-Virus NDIS 6 Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KLIM6
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/17/2018 05:45:54 PM) (Source: .NET Runtime) (EventID: 1022) (User: )
Description: .NET Runtime version 4.0.30319.0 - There was a failure initializing profiling API attach infrastructure. This process will not allow a profiler to attach. HRESULT: 0x80004005. Process ID (decimal): 2112. Message ID: [0x2509].
Error: (04/17/2018 04:06:11 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (04/17/2018 04:06:10 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (04/17/2018 04:06:10 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
Context: Windows Application
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (04/17/2018 04:06:10 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (04/17/2018 04:06:10 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
Element not found. (HRESULT : 0x80070490) (0x80070490)
Error: (04/17/2018 04:06:08 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
Context: Windows Application, SystemIndex Catalog
Details:
The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
Error: (04/17/2018 04:06:08 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
Context: Windows Application, SystemIndex Catalog
Details:
The content index server cannot update or access information because of a database error. Stop and restart the search service. If the problem persists, reset and recrawl the content index. In some cases it may be necessary to delete and recreate the content index. (HRESULT : 0x8004117f) (0x8004117f)
System errors:
=============
Error: (04/18/2018 09:50:47 AM) (Source: Microsoft Antimalware) (EventID: 2051) (User: )
Description: Microsoft Antimalware has encountered an error trying to upload a suspicious file for further analysis.
Filename: C:\Users\Gpa-Jim\AppData\Local\IM\Identities\{A9086226-EB67-4397-9FAD-643AC9B810DD}\Message Store\Messages\1\{5E48FB81-198B-4222-BD06-A4D073E22AEA}\Attachments\repatch.dat
Sha256:
Current Signature Version: AV: 1.265.768.0, AS: 1.265.768.0
Current Engine Version: 1.1.14700.5
Error code: 0x80078032
Error: (04/18/2018 02:09:10 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (04/18/2018 02:09:10 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (04/18/2018 02:09:10 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (04/18/2018 02:09:10 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (04/18/2018 02:09:10 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (04/18/2018 02:09:10 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
Error: (04/18/2018 02:09:10 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.
CodeIntegrity:
===================================
Date: 2017-04-18 10:29:15.761
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\sfc_os.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-02-09 13:42:18.441
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-02-09 13:42:18.416
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-02-09 13:41:14.911
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Gpa-Jim\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-02-09 13:41:14.886
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Gpa-Jim\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-02-09 13:41:14.860
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Gpa-Jim\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-02-09 13:41:14.835
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Gpa-Jim\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-02-09 13:41:14.797
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Users\Gpa-Jim\AppData\Local\Temp\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 17%
Total physical RAM: 32709.31 MB
Available physical RAM: 26849.92 MB
Total Virtual: 65416.81 MB
Available Virtual: 60251.59 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:1862.92 GB) (Free:1060.83 GB) NTFS ==>[drive with boot components (obtained from BCD)]
\\?\Volume{ba558844-68d1-11e6-bc8e-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 000213AE)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=1862.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Users shortcut scan result (x64) Version: 15.04.2018
Ran by Gpa-Jim (18-04-2018 13:41:18)
Running from C:\Users\Gpa-Jim\Desktop
Boot Mode: Normal
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio\Angry Birds Seasons\Register Angry Birds Seasons.lnk -> C:\games\Rovio\Angry Birds Seasons\reg_key.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone\Language Training\Visit RosettaStone.com.lnk -> hxxp://www.rosettastone.com
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outerspace Software\BluffTitler\Manual.lnk -> hxxp://www.outerspace-software.com/manual.htm
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewel Match Snowscapes\Start_Game.lnk -> C:\games\jm\Start_Game.bat ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cosmic Bugs\i.lnk -> C:\games\bugs\animations\i.bat ()
Shortcut: C:\ProgramData\{D9F9C87D-6338-4977-AD5C-EE6EE6F6B6EC}\fusion2_setup_ext.lnk ->
Shortcut: C:\ProgramData\{7E8842F4-ECF1-457B-9B22-AA8299B810D9}\fusion2_setup.lnk ->
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\VueScan x64.lnk -> C:\Program Files\VueScan\vuescan.exe (Hamrick Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Bridge CC 2018.lnk -> C:\Program Files\Adobe\Adobe Bridge CC 2018\Bridge.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom Classic CC.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic CC\Lightroom.exe (Adobe Systems)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk -> C:\Program Files\Adobe\Adobe Photoshop CC 2018\Photoshop.exe (Adobe Systems Incorporated)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Affinity Photo.lnk -> C:\Program Files\Affinity\Affinity Photo\Photo.exe (Serif (Europe) Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite.lnk -> C:\games\MahJong Suite\MahJongSuite.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk -> C:\Windows\ehome\ehshell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\More Great Games.lnk -> C:\Program Files (x86)\bfgclient\icons\moregreatgames.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Music Recorder.lnk -> C:\Program Files (x86)\Music Recorder\Music Recorder 2016\AudialsStarter.exe (Audials AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk -> C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif MoviePlus X6.lnk -> C:\Windows\Installer\{E7D12C5A-7619-4673-9602-6FBBBD7E8224}\MoviePlus.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite.lnk -> C:\games\SolSuite\SolSuite.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk -> C:\Windows\System32\WindowsAnytimeUpgradeUI.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk -> C:\Program Files\DVD Maker\DVDMaker.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk -> C:\Windows\System32\xpsrchvw.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7\Help document.lnk -> C:\Program Files (x86)\Your Uninstaller! 7\uninstaller.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7\Uninstall.lnk -> C:\Program Files (x86)\Your Uninstaller! 7\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7\Your Uninstaller!.lnk -> C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe (URSoft,Inc)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\DVD Creator\How to Use Wondershare DVD Creator.lnk -> C:\Program Files (x86)\Wondershare\DVD Creator\DVDCreator_Help.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\DVD Creator\Order Wondershare DVD Creator On the Web.lnk -> C:\Program Files (x86)\Wondershare\DVD Creator\DVDCreator_Order.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\DVD Creator\Uninstall Wondershare DVD Creator.lnk -> C:\Program Files (x86)\Wondershare\DVD Creator\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\DVD Creator\Wondershare DVD Creator on the Web.lnk -> C:\Program Files (x86)\Wondershare\DVD Creator\DVDCreator_Homepage.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare\DVD Creator\Wondershare DVD Creator.lnk -> C:\Program Files (x86)\Wondershare\DVD Creator\DVDCreator.exe (Wondershare Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom\Wacom Preference File Utility.lnk -> C:\Program Files\Tablet\Pen\32\PrefUtil.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom\Wacom Preferences.lnk -> C:\Program Files\Tablet\Pen\Consumer_CPL.exe (Wacom Technology, Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeBest\Numerology 7\Uninstall.lnk -> C:\Program Files (x86)\VeBest\Numerology7\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeBest\Numerology 7\VeBest Numerology.lnk -> C:\Program Files (x86)\VeBest\Numerology7\VBNC.exe (VeBest)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeBest\Astrology\Uninstall.lnk -> C:\Program Files (x86)\VeBest\Astrology\uninstall.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VeBest\Astrology\VeBest Astrology.lnk -> C:\Program Files (x86)\VeBest\Astrology\Astrology.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\Topaz Texture Effects\Topaz Texture Effects (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz Texture Effects\tltextureeffects.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\Topaz ReMask 5\Topaz ReMask 5 (64-bit).lnk -> D:\Topaz Labs\Topaz ReMask 5\tlremask5.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\Topaz Impression 2\Topaz Impression 2 (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz Impression 2\tlimpression2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\Topaz Glow 2\Topaz Glow 2 (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz Glow 2\tlglow2.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\Topaz Glow\Topaz Glow (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz Glow\tlglow.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\Topaz Fusion Express 2\UsersGuide.pdf.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz Fusion Express 2\Docs\UsersGuide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\Topaz DeNoise 6\Topaz DeNoise 6 (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz DeNoise 6\tldenoise6.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\photoFXlab\photoFXlab (32-bit).lnk -> D:\Topaz Labs\Applications\32Bit\photoFXlab.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\photoFXlab\photoFXlab (64-bit).lnk -> D:\Topaz Labs\Applications\64Bit\photoFXlab.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\photoFXlab\Uninstall.lnk -> D:\Topaz Labs\Applications\uninst.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Topaz Labs\photoFXlab\Website.lnk -> D:\Topaz Labs\Applications\32Bit\photoFXlab.url (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop 4.0 Professional\Broderbund.com.lnk -> C:\Program Files (x86)\The Print Shop 4.0 Professional\TPS4Pbroderbund.url.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop 4.0 Professional\The Print Shop 4.0 Professional Support.lnk -> C:\Program Files (x86)\The Print Shop 4.0 Professional\TPS4Psupport.url.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop 4.0 Professional\The Print Shop 4.0 Professional Update.lnk -> C:\Windows\Installer\{B9B030ED-7634-4FC1-B1F7-7F1A7445EB72}\NewShortcut3_FF643DDCE2EB40898CCBED658F69B265.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop 4.0 Professional\The Print Shop 4.0 Professional.lnk -> C:\Windows\Installer\{B9B030ED-7634-4FC1-B1F7-7F1A7445EB72}\NewShortcut1_2061D97734184A56A1DD4E9FDB1E7FD0.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Mystery of a Lost Planet\OpenAL Installer.lnk -> C:\games\The Mystery of a Lost Planet\oalinst.exe (Creative Labs Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Mystery of a Lost Planet\Setup Factory 8.0 Runtime.lnk -> C:\games\The Mystery of a Lost Planet\uninstall.exe (Indigo Rose Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Mystery of a Lost Planet\The Mystery of a Lost Planet.lnk -> C:\games\The Mystery of a Lost Planet\Planet.exe (VELOCITY)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Recorder 8.lnk -> C:\Windows\Installer\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Camtasia Studio 8.lnk -> C:\Windows\Installer\{AF33D0D2-2627-4AC8-8473-FDBB7892129C}\CamtasiaIcons.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Snagit 12 Editor.lnk -> C:\Windows\Installer\{979028FC-2DBF-4BB4-A9EC-4627A9D63D50}\SnagitEditorIcon.exe (TechSmith Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Snagit 12.lnk -> C:\Windows\Installer\{979028FC-2DBF-4BB4-A9EC-4627A9D63D50}\SnagitIcon.exe (TechSmith Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Snagit 13 Editor.lnk -> C:\Windows\Installer\{F0EE4FB7-90E5-445A-84BD-EA3844994034}\SnagitEditorIcon.exe (TechSmith Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith\Snagit 13.lnk -> C:\Windows\Installer\{F0EE4FB7-90E5-445A-84BD-EA3844994034}\SnagitIcon.exe (TechSmith Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Summitsoft\Business Card Studio\Launch Business Card Studio.lnk -> C:\Windows\Installer\{26413EE3-C4B2-4A06-8225-72649315337D}\BusinessCardStudio_238D47DB8633490290F5A362058FD540.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Defender 4\Star Defender 4.lnk -> C:\games\star\Star Defender 4\StarDefender4.exe (AWEM Studio)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Star Defender 4\Uninstall Star Defender 4.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{14527060-7EC2-46BE-8AC1-CFE950DA3E24}\setup.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Create System Report.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDLogReport.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\File Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFiles.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Immunization.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Rootkit Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDRootAlyzer.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\System Scan.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Tray Icon (Live Protection).lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2\Uninstall Spybot-S&D.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speedtest By Ookla\Speedtest.lnk -> C:\Program Files (x86)\Speedtest\Speedtest.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games\Buy Now!.lnk -> C:\games\SolSuite\Buy Now!.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games\SolSuite .lnk -> C:\games\SolSuite\SolSuite.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games\SolSuite Help.lnk -> C:\games\SolSuite\solsuite.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SolSuite - Solitaire Card Games\SolSuite Web Site.lnk -> C:\games\SolSuite\SolSuite Web Site.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartDeblur\SmartDeblur.lnk -> C:\Program Files (x86)\SmartDeblur\SmartDeblur.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartDeblur\Uninstall.lnk -> C:\Program Files (x86)\SmartDeblur\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\CloneCD\CloneCD Help.lnk -> C:\Program Files (x86)\SlySoft\CloneCD\HelpLauncher.exe (SlySoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\CloneCD\CloneCD Revision History.lnk -> C:\Program Files (x86)\SlySoft\CloneCD\Changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\CloneCD\CloneCD Tray.lnk -> C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe (SlySoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\CloneCD\CloneCD.lnk -> C:\Program Files (x86)\SlySoft\CloneCD\CloneCD.exe (SlySoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\CloneCD\Register CloneCD.lnk -> C:\Program Files (x86)\SlySoft\CloneCD\RegCloneCD.exe (SlySoft, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\CloneCD\Uninstall.lnk -> C:\Program Files (x86)\SlySoft\CloneCD\ccd-uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\AnyDVD\AnyDVD Help.lnk -> C:\Program Files (x86)\SlySoft\AnyDVD\HelpLauncher.exe (Elaborate Bytes AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\AnyDVD\AnyDVD History.lnk -> C:\Program Files (x86)\SlySoft\AnyDVD\manual\changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\AnyDVD\AnyDVD.lnk -> C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe (RedFox)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\AnyDVD\Register AnyDVD.lnk -> C:\Program Files (x86)\SlySoft\AnyDVD\RegAnyDVD.exe (RedFox)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\AnyDVD\Uninstall.lnk -> C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD-uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SIGMA\SIGMA Optimization Pro\SIGMA Optimization Pro.lnk -> C:\Program Files (x86)\SIGMA\SIGMA Optimization Pro\SOP.exe (SIGMA CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications\MoviePlus X6\MoviePlus X6 User Guide.lnk -> C:\Windows\Installer\{E7D12C5A-7619-4673-9602-6FBBBD7E8224}\ShortcutPDF.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications\MoviePlus X6\MoviePlus X6.lnk -> C:\Windows\Installer\{E7D12C5A-7619-4673-9602-6FBBBD7E8224}\MoviePlus.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio Creator NXT Pro 3\Applications\Triple Scoop Music.lnk -> C:\Users\Gpa-Jim\Music\Triple Scoop Music ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio Entertainment Ltd\Angry Birds Star Wars II\Angry Birds Star Wars II.lnk -> C:\games\AngryBirdsStarWarsII.exe (Rovio Entertainment Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio\Angry Birds Space\Angry Birds Space.lnk -> C:\games\Rovio\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio\Angry Birds Seasons\Angry Birds Seasons.lnk -> C:\games\Rovio\Angry Birds Seasons\AngryBirdsSeasons.exe (Rovio Mobile)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio\Angry Birds Rio\Angry Birds Rio.lnk -> C:\games\Rovio\Angry Birds Rio\AngryBirdsRio.exe (Rovio Mobile Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio\Angry Birds\Angry Birds.lnk -> C:\games\Rovio\Angry Birds\AngryBirds.exe (Rovio Entertainment)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rosetta Stone\Language Training\Rosetta Stone Language Training.lnk -> C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Language Training\Rosetta Stone.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator\Restore Point Creator.lnk -> C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator\Uninstall Restore Point Creator.lnk -> C:\Program Files (x86)\Restore Point Creator\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion\FaceFilter3\End User License Agreement.lnk -> C:\Program Files (x86)\Reallusion\FaceFilter3\End User License Agreement.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion\FaceFilter3\FaceFilter v3.02 SE.lnk -> C:\Program Files (x86)\Reallusion\FaceFilter3\FFApp.exe (Reallusion Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion\FaceFilter3\FaceFilter3 Help.lnk -> C:\Program Files (x86)\Reallusion\FaceFilter3\FaceFilter3 Help.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion\FaceFilter3\Read Me.lnk -> C:\Program Files (x86)\Reallusion\FaceFilter3\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion\FaceFilter3\Uninstall FaceFilter3.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{6020758E-57A9-41E3-AF20-8EE311EA6156}\setup.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Professor Heinz Wolff's Gravity\Professor Heinz Wolff's Gravity.lnk -> C:\games\Gravity.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Professor Heinz Wolff's Gravity\Visit LeeGT-Games.lnk -> C:\games\Visit LeeGT-Games.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games\Water Bugs\Play Water Bugs.lnk -> C:\Program Files\PopCap Games\Water Bugs\WaterBugs.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games\Water Bugs\View Readme.lnk -> C:\Program Files\PopCap Games\Water Bugs\readme.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photomatix Pro 6.0\Photomatix Pro 6.0 (64-bit).lnk -> C:\Program Files\PhotomatixPro6\PhotomatixPro.exe (HDRsoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One\Capture One 9\Capture One 9 on the Web.lnk -> C:\Program Files\Phase One\Capture One 9\CaptureOne.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One\Capture One 9\Capture One 9.lnk -> C:\Program Files\Phase One\Capture One 9\CaptureOne.exe (Phase One)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Phase One\Capture One 9\Uninstall Capture One 9.lnk -> C:\Program Files\Phase One\Capture One 9\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outerspace Software\BluffTitler\BluffTitler.lnk -> D:\outerspace\BluffTitler\BluffTitler.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outerspace Software\BluffTitler\Uninstall.lnk -> D:\outerspace\BluffTitler\uninstall.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software\Perfect Photo Suite 9\Perfect Photo Suite 9.lnk -> C:\Program Files\onOne Software\Perfect Photo Suite 9\Perfect Photo Suite 9.exe (onOne Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\onOne Software\Perfect Effects 9\Perfect Effects 9.lnk -> C:\Program Files\onOne Software\Perfect Effects 9\Perfect Effects 9.exe (onOne Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software\O&O DiskImage\DiskImage Help.lnk -> C:\Windows\Installer\{835A3A76-E6A3-45D8-8AE5-8FBDC04AC5A1}\Help.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software\O&O DiskImage\O&O DiskImage Tray.lnk -> C:\Windows\Installer\{835A3A76-E6A3-45D8-8AE5-8FBDC04AC5A1}\DiskImage.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software\O&O DiskImage\O&O DiskImage wizard.lnk -> C:\Windows\Installer\{835A3A76-E6A3-45D8-8AE5-8FBDC04AC5A1}\DiskImage.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software\O&O DiskImage\O&O DiskImage.lnk -> C:\Windows\Installer\{835A3A76-E6A3-45D8-8AE5-8FBDC04AC5A1}\DiskImage.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software\O&O Defrag\O&O Defrag.lnk -> C:\Windows\Installer\{0FDB84EB-C1FE-4684-8673-C490E3F06D16}\app_icon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software\O&O Defrag\O&O DiskStat.lnk -> C:\Windows\Installer\{0FDB84EB-C1FE-4684-8673-C490E3F06D16}\app_oods_icon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision Photo Viewer.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstview.exe (NVIDIA Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nova Development\Print Artist Platinum 24.lnk -> C:\Windows\Installer\{7568CBAC-FC7F-4EE9-8CAC-B4274FC93B4E}\NewShortcut2_ECB39E37700A47B6937B5158C27B3068.exe (Flexera Software, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nova Development\Print Artist Platinum 25.lnk -> C:\Windows\Installer\{54E76A97-D5FB-4EF4-857B-838E47705B98}\NewShortcut2_ECB39E37700A47B6937B5158C27B3068.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nova Development\PRINTA~1Print Artist Scrapbooks and More.lnk -> C:\Windows\Installer\{16FE986C-A70B-42F4-B627-6F3F8460D9BE}\NewShortcut2_ECB39E37700A47B6937B5158C27B3068.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016\Nero 2016.lnk -> C:\Windows\Installer\{EF0BA418-AF37-471E-9594-EAE5913F4681}\NeroLauncher.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016\Nero Burning ROM.lnk -> C:\Windows\Installer\{CFB0F37D-22E7-4F37-8FAE-B319A58AC5B9}\ARPPRODUCTICON.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016\Nero Express.lnk -> C:\Windows\Installer\{60251665-84B4-41D6-84BF-6D50CE68DD08}\ARPPRODUCTICON.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016\Nero Recode.lnk -> C:\Windows\Installer\{B17D5E7B-FADD-4EB4-B537-CB7EB3333D97}\ScRecodeStartMenu_563A75F05683422E8C558ED3B6DA617D.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016\Nero RescueAgent.lnk -> C:\Windows\Installer\{7F22DD97-256D-491D-9090-743FADC79BBE}\NeroRescueAgent.ex_2882597C6E684EBDA23F3CF2CA0CBC30.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 2016\Nero Video.lnk -> C:\Windows\Installer\{6861C1AD-9829-4DE4-8647-4785ECEA421A}\ScVisionStartMenu_88036A9DCD1D412A84701A23A35FB37B.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero ControlCenter.lnk -> C:\Windows\Installer\{ABC88553-8770-4B97-B43E-5A90647A5B63}\ScControlCenterSta_FC2653898C5047A6A872CAF6433C43A8.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero CoverDesigner.lnk -> C:\Windows\Installer\{92EBE575-0C6E-4713-B095-34BB927E5AC6}\ARPPRODUCTICON.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero Disc To Device.lnk -> C:\Windows\Installer\{BD6F4D10-E29E-49E3-8497-1D454AF5EEF8}\ScDisc2DeviceStart_31C5D7D15DA846FBB6553A0819A0C381.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero MediaBrowser.lnk -> C:\Program Files (x86)\Nero\KM\MediaBrowser.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero MediaHome.lnk -> C:\Program Files (x86)\Nero\KM\MediaHome.exe (Nero AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero SoundTrax.lnk -> C:\Windows\Installer\{645067B0-052E-4389-92E6-849C4FA79443}\ScSoundTraxStartMe_92F39C657A3840139A47B92C3EFBBBBB.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero\Nero WaveEditor.lnk -> C:\Windows\Installer\{690E41ED-A51E-4C1A-B786-20BFD151E27C}\ScWaveEditorStartM_3939FC794F8E448CB7E44465B4F58E0D.exe (Acresso Software Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Changelog.lnk -> C:\Program Files\MPC-HC\Changelog.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC x64.lnk -> C:\Program Files\MPC-HC\mpc-hc64.exe (MPC-HC Team)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\Uninstall MPC-HC.lnk -> C:\Program Files\MPC-HC\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\Silverlight.Configuration.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medford Asylum Paranormal Case\MedfordAsylum.lnk -> C:\games\medford\MedfordAsylum.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Medford Asylum Paranormal Case\Setup Factory 8.0 Runtime.lnk -> C:\games\medford\uninstall.exe (Indigo Rose Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Create Recovery Disc.lnk -> C:\Windows\System32\recdisc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Remote Assistance.lnk -> C:\Windows\System32\msra.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite\Buy Now!.lnk -> C:\games\MahJong Suite\Buy Now!.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite\MahJong Suite .lnk -> C:\games\MahJong Suite\MahJongSuite.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite\MahJong Suite Help.lnk -> C:\games\MahJong Suite\MahJongSuite.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MahJong Suite\MahJong Suite Web Site.lnk -> C:\games\MahJong Suite\MahJong Suite Web Site.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium\Reflect\Reflect.lnk -> C:\Program Files\Macrium\Reflect\reflect.exe (Paramount Software UK Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech Camera Diagnostic\Logitech Camera Diagnostic.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\LogiUCDiagnostic\LogiDiagnostic.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Options.lnk -> C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech\Logitech Webcam Software.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2017\jv16 PowerTools 2017.lnk -> C:\Program Files (x86)\jv16 PowerTools 2017\jv16pt.exe (Macecraft Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jundroo\SimpleModder.lnk -> C:\Windows\Installer\{7B38B3F0-902B-4AE8-9560-97F71050DFBB}\_416F9BEA1557D621973F1D.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jundroo\SimpleRockets.lnk -> C:\Windows\Installer\{7B38B3F0-902B-4AE8-9560-97F71050DFBB}\_BC3A03551A6270E1F3FF24.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRiver Media Center 23\CD Labeler.lnk -> C:\Program Files (x86)\J River\Media Center 23\CDLabeler.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRiver Media Center 23\JRiver Media Center 23.lnk -> C:\Program Files (x86)\J River\Media Center 23\Media Center 23.exe (JRiver, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRiver Media Center 23\Media Editor.lnk -> C:\Program Files (x86)\J River\Media Center 23\Media Editor.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRiver Media Center 23\Uninstall JRiver Media Center 23.lnk -> C:\Program Files (x86)\J River\Media Center 23\JRMediaUninstall.exe (JRiver, Inc.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jewel Match Snowscapes\JewelMatchSnowscapes.lnk -> C:\games\jm\JewelMatchSnowscapes.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Configure Java.lnk -> C:\Program Files\Java\jre1.8.0_91\bin\javacpl.exe (Oracle Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Home Photo Studio\Help.lnk -> C:\Program Files (x86)\Home Photo Studio\Help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Home Photo Studio\Home Photo Studio.lnk -> C:\Program Files (x86)\Home Photo Studio\HomeStudio.exe (AMS Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Home Photo Studio\Uninstall Home Photo Studio.lnk -> C:\Program Files (x86)\Home Photo Studio\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helicon Software\Helicon Focus 6\Helicon 3D Viewer.lnk -> C:\Program Files\Helicon Software\Helicon Focus 6\Helicon3DViewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helicon Software\Helicon Focus 6\Helicon Focus 6.lnk -> C:\Program Files\Helicon Software\Helicon Focus 6\HeliconFocus.exe (HeliconSoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helicon Software\Helicon Focus 6\Uninstall Helicon Focus.lnk -> C:\Program Files\Helicon Software\Helicon Focus 6\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Event Planner 2015.lnk -> C:\Windows\Installer\{F2117332-1A36-4D3B-854D-A8D10735B4DF}\NewShortcut2_E6CADA9C0A334E59825462142CFE8F8D.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Event Planner 2016.lnk -> C:\Windows\Installer\{8B89C389-8C13-4A95-BA2D-87DC5FFB620C}\NewShortcut2_E6CADA9C0A334E59825462142CFE8F8D.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Event Planner 2017.lnk -> C:\Windows\Installer\{EA4F7D75-C9E5-4349-AA68-ABF0FEEA90EF}\NewShortcut2_E6CADA9C0A334E59825462142CFE8F8D.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Event Planner 2018.lnk -> C:\Windows\Installer\{6A5E49ED-49CD-470D-BF5F-44CF84B54C35}\NewShortcut2_E6CADA9C0A334E59825462142CFE8F8D.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Hallmark Card Studio 2015 Deluxe.lnk -> C:\Windows\Installer\{F2117332-1A36-4D3B-854D-A8D10735B4DF}\NewShortcut1_C1095D17B9E749FAA3CF0A408D1C8448.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Hallmark Card Studio 2016 Deluxe.lnk -> C:\Windows\Installer\{8B89C389-8C13-4A95-BA2D-87DC5FFB620C}\NewShortcut1_C1095D17B9E749FAA3CF0A408D1C8448.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Hallmark Card Studio 2017 Deluxe.lnk -> C:\Windows\Installer\{EA4F7D75-C9E5-4349-AA68-ABF0FEEA90EF}\NewShortcut1_C1095D17B9E749FAA3CF0A408D1C8448.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hallmark\Hallmark Card Studio 2018 Deluxe.lnk -> C:\Windows\Installer\{6A5E49ED-49CD-470D-BF5F-44CF84B54C35}\NewShortcut1_C1095D17B9E749FAA3CF0A408D1C8448.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Drive.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Swindle\The Swindle.lnk -> C:\games\The Swindle\TheSwindle.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Swindle\Uninstall The Swindle.lnk -> C:\games\The Swindle\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\realMyst Masterpiece Edition\realMyst Masterpiece Edition.lnk -> C:\games\realMyst Masterpiece Edition\realMyst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\realMyst Masterpiece Edition\Uninstall realMyst - Masterpiece Edition.lnk -> C:\games\realMyst Masterpiece Edition\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\realMyst Masterpiece Edition\Documents\Manual.lnk -> C:\games\realMyst Masterpiece Edition\realMyst ME User Guide.pdf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Oddworld - New 'n' Tasty\Oddworld - New 'n' Tasty.lnk -> C:\games\Oddworld - New 'n' Tasty\NNT.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Oddworld - New 'n' Tasty\Uninstall Oddworld - New 'n' Tasty.lnk -> C:\games\Oddworld - New 'n' Tasty\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnaural\Gnaural.lnk -> C:\Program Files (x86)\Gnaural\gnaural.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gnaural\Uninstall.lnk -> C:\Program Files (x86)\Gnaural\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Angry Birds Star Wars II.lnk -> [LF6"pH,R GFSI)G[MJKPlay Angry Birds Star Wars II.(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\GameExplorer.lnk -> C:\Windows\System32\gameux.dll (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Oddworld New 'n' Tasty.lnk -> [LF6"pH,R GFSIວ<E@Mc*EOddworld: New 'n' Tasty(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Play Chicken Invaders 5 - Cluck of the Dark Side.lnk -> C:\Program Files (x86)\Chicken Invaders 5 - Cluck of the Dark Side\launchgame.bfg ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\realMyst Masterpiece Edition.lnk -> [LF6"pH,R GFSIݩv6aDUwe realMyst: Masterpiece Edition(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\The Swindle.lnk -> [LF6"pH,R GFSI'_NPThe Swindle(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Water Bugs.lnk -> [LF6"pH,R GFSI[4n-DKBRope off the game board to confine or destroy as many pests as you can. Meet your quota so you can move on to the next level, and capture extras for huge bonuses. Keep frogs, lobsters and stringrays at bay while you fill in the board, but look out for lots of tricks along the way!(1SPSXFL8C&m]
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Super Cyborg - Steam Edition\Super Cyborg - Steam Edition.lnk -> C:\games\Super Cyborg.exe (Artur Games)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FontTwister\Help.lnk -> C:\Program Files (x86)\FontTwister\ftwister.hlp ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FontTwister\Manual.lnk -> C:\Program Files (x86)\FontTwister\manual.doc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FontTwister\Uninstall.lnk -> C:\Program Files (x86)\FontTwister\uninstal.exe (Neuber GmbH)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ePub Reader\ePub Reader for Windows.lnk -> C:\Program Files (x86)\ePub Reader for Windows\Epub Reader for Windows.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ePub Reader\Uninstall ePub Reader for Windows.lnk -> C:\Program Files (x86)\ePub Reader for Windows\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Copy Utility.lnk -> C:\Program Files (x86)\Epson Software\Copy Utility\ECopy.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Easy Photo Scan.lnk -> C:\Program Files (x86)\Epson Software\Easy Photo Scan\EasyPhotoScan.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Event Manager.lnk -> C:\Program Files (x86)\Epson Software\Event Manager\EProjManager.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Print CD.lnk -> C:\Program Files (x86)\Epson Software\Print CD\PrintCD.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software\Read Me\Print CD.lnk -> C:\Program Files (x86)\Epson Software\Print CD\Readme.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\Perfection V600 User's Guide\Perfection V600 User's Guide Uninstaller.lnk -> C:\Program Files (x86)\epson\guide\V600_el\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\EPSON Scan Settings.lnk -> C:\Windows\twain_32\escndv\escfg.exe (SEIKO EPSON CORP.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elf Bowling The Last Insult\Uninstall Elf Bowling The Last Insult.lnk -> C:\games\Elf Bowling The Last Insult\ReflexiveArcade\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elf Bowling The Last Insult\ Elf Bowling The Last Insult.lnk -> C:\games\Elf Bowling The Last Insult\ElfBowling.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\CloneDVD2\CloneDVD2 Help.lnk -> C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\HelpLauncher.exe (Elaborate Bytes AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\CloneDVD2\CloneDVD2 Revision History.lnk -> C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\manual\clonedvd_changes.txt ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\CloneDVD2\CloneDVD2.lnk -> C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\CloneDVD2.exe (Elaborate Bytes AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\CloneDVD2\Register CloneDVD2.lnk -> C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\RegCloneDVD.exe (Elaborate Bytes AG)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes\CloneDVD2\Uninstall.lnk -> C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\CloneDVD2-uninst.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Earth Alerts\Earth Alerts.lnk -> C:\Windows\Installer\{F9F3B08B-C6BF-4DE8-97EA-08EE76EEA6ED}\EarthAlerts.exe_B6F068E0A00C4560A1FCD1C04FD49FE6.exe (Flexera Software LLC)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Disabled Startup\Event Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2018 Deluxe\Planner\PLNRnote.exe (Creative Home)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Toilet 5.0\Desktop Toilet 5.0 Help.lnk -> C:\Program Files (x86)\Desktop Toilet 5.0\toilet.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Toilet 5.0\Desktop Toilet 5.0.lnk -> C:\Program Files (x86)\Desktop Toilet 5.0\desktoptoilet5.exe (MicroSECONDS Computer Consulting)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor\ProfileChooser.lnk -> C:\Program Files (x86)\Datacolor\ProfileChooser\ProfileChooser.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor\Spyder4Elite 4.5.9.lnk -> C:\Program Files (x86)\Datacolor\Spyder4Elite\Spyder4Elite.exe (©2016 Datacolor)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor\Spyder4Pro 4.5.9.lnk -> C:\Program Files (x86)\Datacolor\Spyder4Pro\Spyder4Pro.exe (©2016 Datacolor)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor\Read Me\Spyder4Elite Read Me.lnk -> C:\Program Files (x86)\Datacolor\Spyder4Elite\Read Me.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor\Read Me\Spyder4Pro Read Me.lnk -> C:\Program Files (x86)\Datacolor\Spyder4Pro\Read Me.rtf ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-140 revB\Connection Wizard.lnk -> C:\Program Files (x86)\D-Link\DWA-140 revB\D-Link Wizard.exe (D-Link Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-140 revB\Uninstall.lnk -> C:\Program Files (x86)\InstallShield Installation Information\{D7D2F494-89E3-42ED-8A2B-75BDD9B464CB}\setup.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link\DWA-140 revB\Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe (D-Link Corp.)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\ASUS CPU-Z\ASUS CPU-Z.lnk -> C:\Program Files\CPUID\ASUS CPU-Z\cpuz_asus.exe (CPUID)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\ASUS CPU-Z\Edit ASUS CPU-Z Config File.lnk -> C:\Program Files\CPUID\ASUS CPU-Z\cpuz.ini ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID\ASUS CPU-Z\Uninstall ASUS CPU-Z.lnk -> C:\Program Files\CPUID\ASUS CPU-Z\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cosmic Bugs\ .lnk -> C:\games\bugs\Cosmic Bugs.exe ( )
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cosmic Bugs\encrypto.lnk -> C:\games\bugs\animations\encrypto.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cosmic Bugs\Uninstall.lnk -> C:\games\bugs\uninstall.exe (Indigo Rose Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Generator\Collage Generator.lnk -> C:\Program Files (x86)\Collage Generator\AutoCollage.exe (AMS Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Generator\Help.lnk -> C:\Program Files (x86)\Collage Generator\Help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Generator\Uninstall.lnk -> C:\Program Files (x86)\Collage Generator\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side\More Great Games.lnk -> C:\Program Files (x86)\bfgclient\icons\moregreatgames.ico ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side\Play Chicken Invaders 5 - Cluck of the Dark Side.lnk -> C:\Program Files (x86)\Chicken Invaders 5 - Cluck of the Dark Side\launchgame.bfg ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\calibre 64bit - E-book management.lnk -> C:\Program Files\Calibre2\calibre.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\E-book viewer 64bit.lnk -> C:\Program Files\Calibre2\ebook-viewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\Edit E-book 64bit.lnk -> C:\Program Files\Calibre2\ebook-edit.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\LRF viewer 64bit.lnk -> C:\Program Files\Calibre2\lrfviewer.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BluffTitler\BluffTitler.lnk -> D:\outerspace\BluffTitler\BluffTitler.exe (No File)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bejeweled Blitz\Bejeweled Blitz.lnk -> C:\games\BejBlitz.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bejeweled Blitz\Visit LeeGT-Games.lnk -> C:\games\Visit LeeGT-Games.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bejeweled 3\Bejeweled 3.lnk -> C:\games\bj3\Bejeweled3.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aurora\Aurora.lnk -> C:\Windows\Installer\{8C3C5604-B034-4073-BBF8-4BB4B6136D4D}\LogoIcon.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atypical Games\Sky Gamblers Storm Raiders\Sky Gamblers Storm Raiders.lnk -> C:\games\Storm Raiders\bin32\game.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atypical Games\Sky Gamblers Storm Raiders\Uninstall Sky Gamblers Storm Raiders.lnk -> C:\games\Storm Raiders\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\ASUS GPU Tweak.lnk -> C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe (ASUS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS\GPUTweakStreaming.lnk -> C:\Program Files (x86)\ASUS\GPUTweakStreaming\GPUTweakStreaming.exe (ASUS)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Art Explosion Calendar Maker\Art Explosion Calendar Maker.lnk -> C:\Program Files (x86)\Art Explosion Calendar Maker\Calendar.exe (AMS Software)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Art Explosion Calendar Maker\Help.lnk -> C:\Program Files (x86)\Art Explosion Calendar Maker\Help.chm ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Art Explosion Calendar Maker\Uninstall.lnk -> C:\Program Files (x86)\Art Explosion Calendar Maker\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Around the World in 80 Levels\Around the World in 80 Levels.lnk -> C:\games\Around the World in 80 Levels.exe (Lucky Black)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Around the World in 80 Levels\Visit LeeGT-Games.lnk -> C:\games\Visit LeeGT-Games.url ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Refocus\AKVIS Refocus.lnk -> C:\Program Files (x86)\AKVIS\Refocus\Refocus_64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Refocus\Help.lnk -> C:\Program Files (x86)\AKVIS\Refocus\Help\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Neon\AKVIS Neon.lnk -> C:\Program Files (x86)\AKVIS\Neon\Neon_64.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Neon\Help.lnk -> C:\Program Files (x86)\AKVIS\Neon\Help\index.html ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft\Aiseesoft Video Converter Ultimate\Aiseesoft Video Converter Ultimate.lnk -> C:\Program Files (x86)\Video Converter Ultimate\Aiseesoft Video Converter Ultimate.exe (Aiseesoft)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft\Aiseesoft Video Converter Ultimate\Uninstall.lnk -> C:\Program Files (x86)\Video Converter Ultimate\unins000.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Component Services.lnk -> C:\Windows\System32\comexp.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Data Sources (ODBC).lnk -> C:\Windows\System32\odbcad32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\iSCSI Initiator.lnk -> C:\Windows\System32\iscsicpl.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Memory Diagnostics Tool.lnk -> C:\Windows\System32\MdSched.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Print Management.lnk -> C:\Windows\System32\printmanagement.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk -> C:\Windows\System32\services.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\System Configuration.lnk -> C:\Windows\System32\msconfig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows Firewall with Advanced Security.lnk -> C:\Windows\System32\WF.msc ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems\ACDSee Video Converter Pro 5.lnk -> C:\Program Files (x86)\ACD Systems\ACDSee Video Converter Pro 5\ACDVC Pro.exe ()
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Calculator.lnk -> C:\Windows\System32\calc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\displayswitch.lnk -> C:\Windows\System32\displayswitch.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Math Input Panel.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\mip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\NetworkProjection.lnk -> C:\Windows\System32\NetProj.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Paint.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Remote Desktop Connection.lnk -> C:\Windows\System32\mstsc.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Snipping Tool.lnk -> C:\Windows\System32\SnippingTool.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sound Recorder.lnk -> C:\Windows\System32\SoundRecorder.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sticky Notes.lnk -> C:\Windows\System32\StikyNot.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Sync Center.lnk -> C:\Windows\System32\mobsync.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Wordpad.lnk -> C:\Program Files\Windows NT\Accessories\wordpad.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell (x86).lnk -> C:\Windows\SysWOW64\Windowspowershell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE (x86).lnk -> C:\Windows\SysWOW64\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell ISE.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\PowerShell_ISE.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Windows PowerShell\Windows PowerShell.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\ShapeCollector.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\ShapeCollector.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC\TabTip.lnk -> C:\Program Files\Common Files\Microsoft Shared\ink\TabTip.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Character Map.lnk -> C:\Windows\System32\charmap.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\dfrgui.lnk -> C:\Windows\System32\dfrgui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Disk Cleanup.lnk -> C:\Windows\System32\cleanmgr.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Information.lnk -> C:\Windows\System32\msinfo32.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\System Restore.lnk -> C:\Windows\System32\rstrui.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer Reports.lnk -> C:\Windows\System32\migwiz\PostMig.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Windows Easy Transfer.lnk -> C:\Windows\System32\migwiz\migwiz.exe (Microsoft Corporation)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{B4479B29-055B-4D00-A0A5-4A4BE6E0F3D7}\PlayTasks\0\Play.lnk -> C:\games\AngryBirdsStarWarsII.exe (Rovio Entertainment Ltd.)
Shortcut: C:\ProgramData\Microsoft\Windows\GameExplorer\{34F55B13-2D6E-44E2-AE7F-084BCA42CBF6}\PlayTasks\0\Water Bugs.lnk -> C:\Program Files\PopCap Games\Water Bugs\WaterBugs.exe ( )
Shortcut: C:\Users\Default\Links\OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk -> C:\Program Files (x86)\Microsoft OneDrive\OneDriveSetup.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\Links\Creative Cloud Files.lnk -> C:\Users\Gpa-Jim\Creative Cloud Files ()
Shortcut: C:\Users\Gpa-Jim\Links\Desktop.lnk -> C:\Users\Gpa-Jim\Desktop ()
Shortcut: C:\Users\Gpa-Jim\Links\Downloads.lnk -> C:\Users\Gpa-Jim\Downloads ()
Shortcut: C:\Users\Gpa-Jim\Links\Google Drive.lnk -> C:\Users\Gpa-Jim\Google Drive ()
Shortcut: C:\Users\Gpa-Jim\Links\OneDrive.lnk -> C:\Users\Gpa-Jim\Desktop\OneDrive ()
Shortcut: C:\Users\Gpa-Jim\Links\RecentPlaces.lnk -> [::{22877A6D-37A1-461A-91B0-DBDA5AAEBC99}]
Shortcut: C:\Users\Gpa-Jim\Desktop\Computer - Shortcut.lnk -> System Folder
Shortcut: C:\Users\Gpa-Jim\Desktop\Google Drive.lnk -> C:\Users\Gpa-Jim\Google Drive ()
Shortcut: C:\Users\Gpa-Jim\Desktop\icofx 3.lnk -> C:\Program Files (x86)\icofx3\icofx3.exe (icofx software)
Shortcut: C:\Users\Gpa-Jim\Desktop\Internet Explorer (64-bit).lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\Desktop\Music Recorder (2).lnk -> C:\Program Files (x86)\Music Recorder\Music Recorder 2016\AudialsStarter.exe (Audials AG)
Shortcut: C:\Users\Gpa-Jim\Desktop\Oddworld - New 'n' Tasty.lnk -> C:\games\Oddworld - New 'n' Tasty\NNT.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Speedtest.lnk -> C:\Program Files (x86)\Speedtest\Speedtest.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Spyder4Elite 4.5.9.lnk -> C:\Program Files (x86)\Datacolor\Spyder4Elite\Spyder4Elite.exe (©2016 Datacolor)
Shortcut: C:\Users\Gpa-Jim\Desktop\TotalAV.lnk -> C:\Program Files (x86)\TotalAV\TotalAV.exe (TotalAV)
Shortcut: C:\Users\Gpa-Jim\Desktop\VIRUS CHECKERS\CCleaner.lnk -> C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
Shortcut: C:\Users\Gpa-Jim\Desktop\VIRUS CHECKERS\jv16 PowerTools 2017.lnk -> C:\Program Files (x86)\jv16 PowerTools 2017\jv16pt.exe (Macecraft Software)
Shortcut: C:\Users\Gpa-Jim\Desktop\VIRUS CHECKERS\jv16PT.exe - Shortcut.lnk -> C:\Program Files (x86)\jv16 PowerTools 2014\jv16PT.exe (Macecraft Software)
Shortcut: C:\Users\Gpa-Jim\Desktop\VIRUS CHECKERS\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Gpa-Jim\Desktop\VIRUS CHECKERS\Microsoft Security Essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\Desktop\VIRUS CHECKERS\Spybot-S&D Start Center.lnk -> C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe (Safer-Networking Ltd.)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\ACDSee Video Converter Pro 5.lnk -> C:\Program Files (x86)\ACD Systems\ACDSee Video Converter Pro 5\ACDVC Pro.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Aimersoft YouTube Downloader.lnk -> C:\Program Files (x86)\YouTube Downloader\AiAllMyTubeSplash.exe (No File)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Aiseesoft Video Converter Ultimate.lnk -> C:\Program Files (x86)\Video Converter Ultimate\Aiseesoft Video Converter Ultimate.exe (Aiseesoft)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\AnyDVD.lnk -> C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe (RedFox)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Audacity.lnk -> C:\Program Files (x86)\Audacity\audacity.exe (The Audacity Team)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\CloneCD.lnk -> C:\Program Files (x86)\SlySoft\CloneCD\CloneCD.exe (SlySoft, Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\CloneDVD2.lnk -> C:\Program Files (x86)\Elaborate Bytes\CloneDVD2\CloneDVD2.exe (Elaborate Bytes AG)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\JRiver Media Center 23.lnk -> C:\Program Files (x86)\J River\Media Center 23\Media Center 23.exe (JRiver, Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Logitech Camera Diagnostic.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\LogiUCDiagnostic\LogiDiagnostic.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Logitech Webcam Software .lnk -> C:\Program Files (x86)\Common Files\LogiShrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\MPC-HC x64.lnk -> C:\Program Files\MPC-HC\mpc-hc64.exe (MPC-HC Team)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Photomatix Pro 5.1.1 (64-bit).lnk -> C:\Program Files\PhotomatixPro5\PhotomatixPro.exe (No File)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\ProShow Producer (2).lnk -> C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe (Photodex)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\ProShow Producer.lnk -> C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe (Photodex)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\RETOUCHING 101-301 - Shortcut.lnk -> C:\DOWNLOADS\RETOUCHING 101-301 (No File)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Serif MoviePlus X6.lnk -> C:\Program Files (x86)\Serif\MoviePlus\X6\Program\MoviePlus.exe (Serif (Europe) Ltd)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\SIGMA Optimization Pro.lnk -> C:\Program Files (x86)\SIGMA\SIGMA Optimization Pro\SOP.exe (SIGMA CORPORATION)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\SmartDeblur.lnk -> C:\Program Files (x86)\SmartDeblur\SmartDeblur.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Snagit 13.lnk -> C:\Windows\Installer\{F0EE4FB7-90E5-445A-84BD-EA3844994034}\SnagitIcon.exe (TechSmith Corporation)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Spyder4Elite 4.5.4.lnk -> C:\Program Files (x86)\Datacolor\Spyder4Elite\Spyder4Elite.exe (©2016 Datacolor)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\VLC media player.lnk -> C:\Program Files\VideoLAN\VLC\vlc.exe (VideoLAN)
Shortcut: C:\Users\Gpa-Jim\Desktop\Video & Camera\Wondershare DVD Creator.lnk -> C:\Program Files (x86)\Wondershare\DVD Creator\DVDCreator.exe (Wondershare Software)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\Acoustica CD Label Maker.lnk -> C:\Program Files (x86)\Acoustica CD Label Maker\cdlabel.exe ( Acoustica Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\Hallmark Card Studio 2015 Deluxe.lnk -> C:\Program Files (x86)\Hallmark Card Studio 2015 Deluxe\HCS.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\Hallmark Card Studio 2018 Deluxe.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2018 Deluxe\HCS.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\notepad.exe - Shortcut.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\Photomatix Pro 5.1.1 (64-bit).lnk -> C:\Program Files\PhotomatixPro5\PhotomatixPro.exe (No File)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\Print Artist Platinum 24.lnk -> C:\Windows\Installer\{7568CBAC-FC7F-4EE9-8CAC-B4274FC93B4E}\NewShortcut4_65415E4819CB4F309BC9AE8A2E4D21FC.exe (Flexera Software, Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\Print Artist Platinum 25.lnk -> C:\Windows\Installer\{54E76A97-D5FB-4EF4-857B-838E47705B98}\NewShortcut4_C8F813D8C5F44C4EB138B12EB86646BD.exe (Flexera Software LLC)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\Print Artist Scrapbooks and More.lnk -> C:\Windows\Installer\{16FE986C-A70B-42F4-B627-6F3F8460D9BE}\NewShortcut4_C8F813D8C5F44C4EB138B12EB86646BD.exe (Flexera Software LLC)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\Print CD.lnk -> C:\Program Files (x86)\Epson Software\Print CD\PrintCD.exe (SEIKO EPSON CORPORATION)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\Qimage.exe - Shortcut.lnk -> C:\Program Files (x86)\Qimage Ultimate 2014.136 Portable~~\Qimage Ultimate 2014.136 Portable~~\Qimage.exe (ddisoftware, Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\The Print Shop 4.0 Professional.lnk -> C:\Windows\Installer\{B9B030ED-7634-4FC1-B1F7-7F1A7445EB72}\NewShortcut2_4CEF7B3EAB2E422A9FFEC102DF83135E.exe (Flexera Software, Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\VueScan x64.lnk -> C:\Program Files\VueScan\vuescan.exe (Hamrick Software)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\HALLMARK 2016\Art Explosion Calendar Maker.lnk -> C:\Program Files (x86)\Art Explosion Calendar Maker\Calendar.exe (AMS Software)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\HALLMARK 2016\Collage Generator.lnk -> C:\Program Files (x86)\Collage Generator\AutoCollage.exe (AMS Software)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\HALLMARK 2016\Hallmark Card Studio 2016 Deluxe.lnk -> C:\Program Files (x86)\Hallmark Card Studio 2016 Deluxe\HCS.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\HALLMARK 2016\Hallmark Card Studio 2017 Deluxe.lnk -> C:\Program Files (x86)\Hallmark Card Studio 2017 Deluxe\HCS.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\HALLMARK 2016\Home Photo Studio.lnk -> C:\Program Files (x86)\Home Photo Studio\HomeStudio.exe (AMS Software)
Shortcut: C:\Users\Gpa-Jim\Desktop\Printing\FONTTWISTER\FontTwister.lnk -> C:\Program Files (x86)\FontTwister\FTwister.exe (Neuber GmbH - www.neuber.com)
Shortcut: C:\Users\Gpa-Jim\Desktop\NEW NERO\Music Recorder.lnk -> C:\Program Files (x86)\Music Recorder\Music Recorder 2016\AudialsStarter.exe (Audials AG)
Shortcut: C:\Users\Gpa-Jim\Desktop\NEW NERO\Nero 2016.lnk -> C:\Windows\Installer\{EF0BA418-AF37-471E-9594-EAE5913F4681}\NeroLauncher.ex_06255901E67449719980557FAA5EC1C6.exe (Acresso Software Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\NEW NERO\Nero WaveEditor.lnk -> C:\Windows\Installer\{690E41ED-A51E-4C1A-B786-20BFD151E27C}\ScWaveEditorStartM_3939FC794F8E448CB7E44465B4F58E0D.exe (Acresso Software Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\Helicon\Helicon 3D Viewer.lnk -> C:\Program Files\Helicon Software\Helicon Focus 6\Helicon3DViewer.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\Helicon\Helicon Focus 6.lnk -> C:\Program Files\Helicon Software\Helicon Focus 6\HeliconFocus.exe (HeliconSoft Ltd)
Shortcut: C:\Users\Gpa-Jim\Desktop\Helicon\Helicon Remote.lnk -> C:\Program Files (x86)\Helicon Remote\HeliconRemote.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\.lnk -> C:\games\bugs\Cosmic Bugs.exe ( )
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Around the World in 80 Levels.lnk -> C:\games\Around the World in 80 Levels.exe (Lucky Black)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Astrogeddon.lnk -> C:\games\astro\Astrogeddon.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Atlantis Quest.exe - Shortcut.lnk -> C:\games\Atlantis Quest\Atlantis Quest.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Bejeweled 3.lnk -> C:\games\bj3\Bejeweled3.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Bejeweled Blitz.lnk -> C:\games\BejBlitz.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Big Kahuna Reef 3.lnk -> C:\games\Big Kahuna Reef 3 - The Lost Talismans\Big Kahuna Reef 3.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition.lnk -> C:\games\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\CI5Halloween.exe (InterAction studios)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Doors.lnk -> C:\games\Doors\doors.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Edge of Reality Ring of Destiny Collectors.lnk -> C:\games\Edge of Reality Ring of Destiny Collectors Edition\EOR_RingOfDestiny_CE.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Elf Bowling The Last Insult.lnk -> C:\games\Elf Bowling The Last Insult\ElfBowling.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Feist.lnk -> C:\games\Feist\Feist.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Frankenstein - The Village.lnk -> C:\games\Frankenstein - The Village\Frankenstein2.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Fright_CE.exe - Shortcut.lnk -> C:\games\Fright Collector's Edition\Fright_CE.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Hidden Expedition - The Fountain of Youth Collectors Edition.lnk -> C:\games\The Fountain of Youth\HiddenExpedition_FountainOfYouth_CE.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Jewel Match - Winter Wonderland.lnk -> C:\games\Jewel Match - Winter Wonderland\Jewel Match - Winter Wonderland.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Jewel Match 2 Reloaded.lnk -> C:\games\Jewel Match 2 Reloaded\JM2R.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Jewel Match 4.lnk -> C:\games\Jewel Match 4\JM4.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Jewel Match Royale 2 - Rise of the King Collectors Edition.lnk -> C:\games\Jewel Match Royale 2\JewelMatchRoyale2RiseOfTheKingCE.exe (LeeGT-Games)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Jewel Match Royale Collectors Edition.lnk -> C:\games\Jewel Match Royale\JM_Royale.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Jewel Match.lnk -> C:\games\Jewel Match\Jewel.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Jewel Quest - Seven Seas Collectors Edition.lnk -> C:\games\Jewel Quest - Seven Seas Collectors Edition\jewelquest_sevenseas.exe (iWin Games)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\JewelMatchSnowscapes.lnk -> C:\games\jm\JewelMatchSnowscapes.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\JMT.exe - Shortcut.lnk -> C:\games\Jewel Match Twilight UPDATE\JMT.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Labyrinths of the World - A Dangerous Game Collectors Edition.lnk -> C:\games\Labyrinths of the World\LabyrinthsOfTheWorld_ADangerousGame_CE.exe (LeeGT)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Magic Match.lnk -> C:\games\Magic Match\Magic Match.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\MedfordAsylum.lnk -> C:\games\MedfordAsylum.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Myths of the World - The Heart of Desolation Collectors Edition.lnk -> C:\games\Myths of the World\MythsOfTheWorld_TheHeartOfDesolation_CE.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Nostradamus - The Four Horseman of the Apocalypse.lnk -> C:\games\Nostradamus - The Four Horseman of the Apocalypse\nostradamus.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\PeggleWoW - Shortcut.lnk -> C:\DOWNLOADS\7575757575757PWOWE575757575757575\7575757575757PWOWE575757575757575\Peggle - World of Warcraft Edition\PeggleWoW.exe (No File)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Poker Superstars III.lnk -> C:\games\Poker Superstars III\Poker3.exe (Funkitron, Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Professor Fizzwizzle and the Molten Mystery.lnk -> C:\games\Professor Fizzwizzle and the Molten Mystery\PFMM.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Professor Heinz Wolff's Gravity.lnk -> C:\games\Gravity.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\realMyst Masterpiece Edition.lnk -> C:\games\realMyst Masterpiece Edition\realMyst.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\SCHEINwin32 - Shortcut.lnk -> C:\games\Schein\SCHEINwin32.exe (VELOCITY)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\SimpleRockets.lnk -> C:\Windows\Installer\{7B38B3F0-902B-4AE8-9560-97F71050DFBB}\_20C9BE27415F694CAA26AE.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\SolSuite.lnk -> C:\Program Files (x86)\SolSuite\SolSuite.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Space Strike.lnk -> C:\games\SpaceStrike.exe (No File)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Star Defender 4.lnk -> C:\games\star\Star Defender 4\StarDefender4.exe (AWEM Studio)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Super Cyborg - Steam Edition.lnk -> C:\games\Super Cyborg.exe (Artur Games)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\The Mystery of a Lost Planet.lnk -> C:\games\The Mystery of a Lost Planet\Planet.exe (VELOCITY)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\The Swindle.lnk -> C:\games\The Swindle\TheSwindle.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Turtix 1 & 2.lnk -> C:\games\Turtix 1 & 2\Turtix 1 & 2.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Wave of Time.lnk -> C:\games\Wave of Time\WaveOfTime.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Zombie Bowl-O-Rama.lnk -> C:\games\Zombie Bowl-O-Rama\ZombieBowlORama.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Angry Birds\Angry Birds Rio.lnk -> C:\games\Rovio\Angry Birds Rio\AngryBirdsRio.exe (Rovio Mobile Ltd.)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Angry Birds\Angry Birds Seasons.lnk -> C:\games\Rovio\Angry Birds Seasons\AngryBirdsSeasons.exe (Rovio Mobile)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Angry Birds\Angry Birds Space.lnk -> C:\games\Rovio\Angry Birds Space\AngryBirdsSpace.exe (Rovio Entertainment Ltd.)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Angry Birds\Angry Birds Star Wars II.lnk -> C:\games\AngryBirdsStarWarsII.exe (Rovio Entertainment Ltd.)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Angry Birds\Angry Birds Star Wars.lnk -> C:\games\Rovio\Angry Birds Star Wars\AngryBirdsStarWars.exe (Rovio Entertainment Ltd.)
Shortcut: C:\Users\Gpa-Jim\Desktop\GAMES\Angry Birds\Angry Birds.lnk -> C:\games\Rovio\Angry Birds\AngryBirds.exe (Rovio Entertainment)
Shortcut: C:\Users\Gpa-Jim\Desktop\ASUS\ASUS GPU Tweak.lnk -> C:\Program Files (x86)\ASUS\GPU Tweak\GPUTweak.exe (ASUS)
Shortcut: C:\Users\Gpa-Jim\Desktop\ASUS\CPUID ASUS CPU-Z.lnk -> C:\Program Files\CPUID\ASUS CPU-Z\cpuz_asus.exe (CPUID)
Shortcut: C:\Users\Gpa-Jim\Desktop\ASUS\GeForce Experience.lnk -> C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe (NVIDIA)
Shortcut: C:\Users\Gpa-Jim\Desktop\ASUS\GPUTweakStreaming.lnk -> C:\Program Files (x86)\ASUS\GPUTweakStreaming\GPUTweakStreaming.exe (ASUS)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\BrainWave Generator.lnk -> C:\Program Files (x86)\BrainWave Generator\Bwgen.exe (Noromaa Solutions)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\calibre 64bit - E-book management.lnk -> C:\Program Files\Calibre2\calibre.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Corsair Utility Engine.lnk -> C:\Program Files (x86)\Corsair\Corsair Utility Engine\CUE.exe (Corsair Components, Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Desktop Toilet 5.0.lnk -> C:\Program Files (x86)\Desktop Toilet 5.0\desktoptoilet5.exe (MicroSECONDS Computer Consulting)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Earth Alerts.lnk -> C:\Program Files (x86)\Earth Alerts\EarthAlerts.exe (South Wind Technologies)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Elevated Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\ePub Reader for Windows.lnk -> C:\Program Files (x86)\ePub Reader for Windows\Epub Reader for Windows.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Free Alarm Clock.lnk -> C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (Comfort Software Group)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Garmin Express.lnk -> C:\Program Files (x86)\Garmin\Express\express.exe (Garmin Ltd. or its subsidiaries)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Glary Utilities 5.lnk -> C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Glarysoft Ltd)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Logitech Options.lnk -> C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\O&O Defrag.lnk -> C:\Windows\Installer\{0FDB84EB-C1FE-4684-8673-C490E3F06D16}\app_icon.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\O&O DiskImage.lnk -> C:\Windows\Installer\{835A3A76-E6A3-45D8-8AE5-8FBDC04AC5A1}\DiskImage.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\O&O DiskStat.lnk -> C:\Windows\Installer\{0FDB84EB-C1FE-4684-8673-C490E3F06D16}\app_oods_icon.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Paragon Hard Disk Manager™ 15 Professional.lnk -> C:\Program Files\Paragon Software\Hard Disk Manager 15 Professional\program\launcher.exe (Paragon Software Group)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Reflect.lnk -> C:\Program Files\Macrium\Reflect\reflect.exe (Paramount Software UK Ltd)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Restore Point Creator.lnk -> C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Rosetta Stone.lnk -> C:\Program Files (x86)\Rosetta Stone\Rosetta Stone Language Training\Rosetta Stone.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Security essentials.lnk -> C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\SpeccyPortable - Shortcut.lnk -> C:\SpeccyPortable_Technician\SpeccyPortable.exe (PortableAppZ.blogspot.com)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Spyder4Elite 4.5.9.lnk -> C:\Program Files (x86)\Datacolor\Spyder4Elite\Spyder4Elite.exe (©2016 Datacolor)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Ultimate Windows Tweaker - Shortcut.lnk -> C:\Program Files (x86)\ultimate windows tweaker\Ultimate Windows Tweaker.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Video Card Stability Test.lnk -> C:\Program Files (x86)\Video Card Stability Test\Video Card Stability Test.exe (FreeStone Group)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\WhoCrashed.lnk -> C:\Program Files\WhoCrashed\WhoCrashed.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Wireless Connection Manager.lnk -> C:\Program Files (x86)\D-Link\DWA-140 revB\AirNCFG.exe (D-Link Corp.)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\Your Unin-staller!.lnk -> C:\Program Files (x86)\Your Uninstaller! 7\urmain.exe (URSoft,Inc)
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\WinRAR\Console RAR manual.lnk -> C:\Program Files\WinRAR\Rar.txt ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\WinRAR\What is new in the latest version.lnk -> C:\Program Files\WinRAR\WhatsNew.txt ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\WinRAR\WinRAR help.lnk -> C:\Program Files\WinRAR\WinRAR.chm ()
Shortcut: C:\Users\Gpa-Jim\Desktop\APPS\WinRAR\WinRAR.lnk -> C:\Program Files\WinRAR\WinRAR.exe (Alexander Roshal)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Adobe Lightroom Classic CC.lnk -> C:\Program Files\Adobe\Adobe Lightroom Classic CC\Lightroom.exe (Adobe Systems)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Affinity Photo.lnk -> C:\Program Files\Affinity\Affinity Photo\Photo.exe (Serif (Europe) Ltd)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\AKVIS Neon.lnk -> C:\Program Files (x86)\AKVIS\Neon\Neon_64.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\AKVIS Refocus.lnk -> C:\Program Files (x86)\AKVIS\Refocus\Refocus_64.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Aurora HDR 2018.lnk -> C:\Program Files\Skylum\Aurora HDR 2018\Aurora HDR 2018.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Capture One 9.lnk -> C:\Program Files\Phase One\Capture One 9\CaptureOne.exe (Phase One)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\DENOISE projects 2 professional.lnk -> C:\Program Files\Photographer's Projects Collection 2018\Franzis\Photographer's Projects Collection 2018\DENOISE projects 2 professional\DENOISE projects 2 professional.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\FaceFilter v3.02 SE.lnk -> C:\Program Files (x86)\Reallusion\FaceFilter3\FFApp.exe (Reallusion Inc.)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\HDR projects 5 professional.lnk -> C:\Program Files\Photographer's Projects Collection 2018\Franzis\Photographer's Projects Collection 2018\HDR projects 5 professional\HDR projects 5 professional.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\NEAT projects professional.lnk -> C:\Program Files\Photographer's Projects Collection 2018\Franzis\Photographer's Projects Collection 2018\NEAT projects professional\NEAT projects professional.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Perfect Effects 9.lnk -> C:\Program Files\onOne Software\Perfect Effects 9\Perfect Effects 9.exe (onOne Software)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\photoFXlab (64-bit).lnk -> C:\Program Files (x86)\Topaz Labs\Applications\64Bit\photoFXlab.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Photomatix Pro 6.0 (64-bit).lnk -> C:\Program Files\PhotomatixPro6\PhotomatixPro.exe (HDRsoft)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\SHARPEN projects photographer.lnk -> C:\Program Files\Photographer's Projects Collection 2018\Franzis\Photographer's Projects Collection 2018\SHARPEN projects photographer\SHARPEN projects.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Topaz DeNoise 6 (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz DeNoise 6\tldenoise6.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Topaz Glow (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz Glow\tlglow.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Topaz Glow 2 (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz Glow 2\tlglow2.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Topaz Impression 2 (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz Impression 2\tlimpression2.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Topaz ReMask 5 (64-bit).lnk -> D:\Topaz Labs\Topaz ReMask 5\tlremask5.exe (No File)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Topaz Studio (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz Studio\Topaz Studio.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Topaz Studio.lnk -> C:\Program Files\Topaz Labs\Topaz Studio\Topaz Studio.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Topaz Texture Effects (64-bit).lnk -> C:\Program Files\Topaz Labs\Topaz Texture Effects\tltextureeffects.exe ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\tlglowps_x64.lnk -> C:\Program Files\Topaz Labs\Topaz Glow\PS_Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\tlphotoFXlabps_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Applications\64Bit\Topaz Plug-ins ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\tltextureeffectsps_x64.lnk -> C:\Program Files\Topaz Labs\Topaz Texture Effects\PS_Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazadjust5_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz Adjust 5\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazbw2_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz BW 2\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazClarity_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz Clarity\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazclean3ps_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz Clean 3\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazdejpeg4ps_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz DeJpeg 4\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazdenoise5ps_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz DeNoise 5\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazdetail3_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz Detail 3\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazinfocus_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz InFocus\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazlenseffects_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz Lens Effects\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazremask4_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz ReMask 4\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazremask5_x64.lnk -> C:\Program Files\Topaz Labs\Topaz ReMask 5\PS_Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazReStyle_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz ReStyle\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazsimplify4_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz Simplify 4\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\topazstareffects_x64.lnk -> C:\Program Files (x86)\Topaz Labs\Topaz Star Effects\Plugins_x64 ()
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Viveza 2\Viveza2.8bf.lnk -> C:\Program Files\Google\Nik Collection\Viveza 2\Viveza 2 (64-Bit)\Viveza2.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Silver Efex Pro 2\Silver Efex Pro 2.8bf.lnk -> C:\Program Files\Google\Nik Collection\Silver Efex Pro 2\Silver Efex Pro 2 (64-Bit)\Silver Efex Pro 2.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Sharpener Pro 3\SHP3OS.8bf.lnk -> C:\Program Files\Google\Nik Collection\Sharpener Pro 3\Sharpener Pro 3 (64-Bit)\SHP3OS.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Sharpener Pro 3\SHP3RPS.8bf.lnk -> C:\Program Files\Google\Nik Collection\Sharpener Pro 3\Sharpener Pro 3 (64-Bit)\SHP3RPS.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\HDR Efex Pro 2\HDR Efex Pro 2.8bf.lnk -> C:\Program Files\Google\Nik Collection\HDR Efex Pro 2\HDR Efex Pro 2 (64-Bit)\HDR Efex Pro 2.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Dfine 2\Background.8bf.lnk -> C:\Program Files\Google\Nik Collection\Dfine 2\Dfine 2 (64-Bit)\Background.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Dfine 2\Dfine2.8bf.lnk -> C:\Program Files\Google\Nik Collection\Dfine 2\Dfine 2 (64-Bit)\Dfine2.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Dfine 2\FineStructures.8bf.lnk -> C:\Program Files\Google\Nik Collection\Dfine 2\Dfine 2 (64-Bit)\FineStructures.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Dfine 2\HotPixels.8bf.lnk -> C:\Program Files\Google\Nik Collection\Dfine 2\Dfine 2 (64-Bit)\HotPixels.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Dfine 2\Shadows.8bf.lnk -> C:\Program Files\Google\Nik Collection\Dfine 2\Dfine 2 (64-Bit)\Shadows.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Dfine 2\Skin.8bf.lnk -> C:\Program Files\Google\Nik Collection\Dfine 2\Dfine 2 (64-Bit)\Skin.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Dfine 2\Sky.8bf.lnk -> C:\Program Files\Google\Nik Collection\Dfine 2\Dfine 2 (64-Bit)\Sky.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Dfine 2\StrongNoise.8bf.lnk -> C:\Program Files\Google\Nik Collection\Dfine 2\Dfine 2 (64-Bit)\StrongNoise.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Color Efex Pro 4\Color Efex Pro 4.8bf.lnk -> C:\Program Files\Google\Nik Collection\Color Efex Pro 4\Color Efex Pro 4 (64-Bit)\Color Efex Pro 4.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\Desktop\ADOBE\Plug-ins\Google\Analog Efex Pro 2\Analog Efex Pro 2.8bf.lnk -> C:\Program Files\Google\Nik Collection\Analog Efex Pro 2\Analog Efex Pro 2 (64-Bit)\Analog Efex Pro 2.8bf (Google)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\icofx 3.lnk -> C:\Program Files (x86)\icofx3\icofx3.exe (icofx software)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk -> C:\Users\Gpa-Jim\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Smilebox.lnk -> C:\Users\Gpa-Jim\AppData\Roaming\Smilebox\SmileboxStarter.exe (Smilebox, Inc.)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TotalAV.lnk -> C:\Program Files (x86)\TotalAV\TotalAV.exe (TotalAV)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zombie Bowl-O-Rama\FileFactory Premium.lnk -> C:\games\Zombie Bowl-O-Rama\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zombie Bowl-O-Rama\Uninstall .lnk -> C:\games\Zombie Bowl-O-Rama\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zombie Bowl-O-Rama\Uploaded.net Premium.lnk -> C:\games\Zombie Bowl-O-Rama\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zombie Bowl-O-Rama\Visit LeeGT-Games.lnk -> C:\games\Zombie Bowl-O-Rama\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\WPS Office Tools\Uninstall WPS Office.lnk -> C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\utility\uninst.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\WPS Office Tools\WPS Office Configuration Tools.lnk -> C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\office6\ksomisc.exe (Zhuhai Kingsoft Office Software Co.,Ltd)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wave of Time\FileFactory Premium.lnk -> C:\games\Wave of Time\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wave of Time\Uninstall .lnk -> C:\games\Wave of Time\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wave of Time\Uploaded.net Premium.lnk -> C:\games\Wave of Time\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wave of Time\Visit LeeGT-Games.lnk -> C:\games\Wave of Time\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wave of Time\Wave of Time.lnk -> C:\games\Wave of Time\WaveOfTime.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Card Stability Test\FreeStone-Group.com.lnk -> C:\Program Files (x86)\Video Card Stability Test\FreeStone-Group.com.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Card Stability Test\Games.FreeStone-Group.com.lnk -> C:\Program Files (x86)\Video Card Stability Test\Games.FreeStone-Group.com.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Card Stability Test\Uninstall.lnk -> C:\Program Files (x86)\Video Card Stability Test\uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Video Card Stability Test\Video Card Stability Test.lnk -> C:\Program Files (x86)\Video Card Stability Test\Video Card Stability Test.exe (FreeStone Group)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turtix 1 & 2\FileFactory Premium.lnk -> C:\games\Turtix 1 & 2\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turtix 1 & 2\Turtix 1 & 2.lnk -> C:\games\Turtix 1 & 2\Turtix 1 & 2.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turtix 1 & 2\Uninstall Turtix 1 & 2.lnk -> C:\games\Turtix 1 & 2\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turtix 1 & 2\Uploaded.net Premium.lnk -> C:\games\Turtix 1 & 2\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Turtix 1 & 2\Visit LeeGT-Games.lnk -> C:\games\Turtix 1 & 2\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs\Topaz Studio\Topaz Studio.lnk -> C:\Program Files\Topaz Labs\Topaz Studio\Topaz Studio.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nostradamus - The Four Horseman of the Apocalypse\FileFactory Premium.lnk -> C:\games\Nostradamus - The Four Horseman of the Apocalypse\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nostradamus - The Four Horseman of the Apocalypse\Nostradamus - The Four Horseman of the Apocalypse.lnk -> C:\games\Nostradamus - The Four Horseman of the Apocalypse\nostradamus.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nostradamus - The Four Horseman of the Apocalypse\Uninstall .lnk -> C:\games\Nostradamus - The Four Horseman of the Apocalypse\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nostradamus - The Four Horseman of the Apocalypse\Uploaded.net Premium.lnk -> C:\games\Nostradamus - The Four Horseman of the Apocalypse\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nostradamus - The Four Horseman of the Apocalypse\Visit LeeGT-Games.lnk -> C:\games\Nostradamus - The Four Horseman of the Apocalypse\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Myths of the World - The Heart of Desolation Collectors Edition\FileFactory Premium.lnk -> C:\games\Myths of the World\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Myths of the World - The Heart of Desolation Collectors Edition\Myths of the World - The Heart of Desolation Collectors Edition.lnk -> C:\games\Myths of the World\MythsOfTheWorld_TheHeartOfDesolation_CE.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Myths of the World - The Heart of Desolation Collectors Edition\Uninstall .lnk -> C:\games\Myths of the World\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Myths of the World - The Heart of Desolation Collectors Edition\Uploaded.net Premium.lnk -> C:\games\Myths of the World\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Myths of the World - The Heart of Desolation Collectors Edition\Visit LeeGT-Games.lnk -> C:\games\Myths of the World\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medford Asylum Paranormal Case\MedfordAsylum.lnk -> C:\games\MedfordAsylum.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Medford Asylum Paranormal Case\Setup Factory 8.0 Runtime.lnk -> C:\games\uninstall.exe (Indigo Rose Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Match\FileFactory Premium.lnk -> C:\games\Magic Match\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Match\Magic Match.lnk -> C:\games\Magic Match\Magic Match.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Match\Uninstall Magic Match.lnk -> C:\games\Magic Match\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Match\Uploaded.net Premium.lnk -> C:\games\Magic Match\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Match\Visit LeeGT-Games.lnk -> C:\games\Magic Match\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Labyrinths of the World - A Dangerous Game Collectors Edition\FileFactory Premium.lnk -> C:\games\Labyrinths of the World\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Labyrinths of the World - A Dangerous Game Collectors Edition\Labyrinths of the World - A Dangerous Game Collectors Edition.lnk -> C:\games\Labyrinths of the World\LabyrinthsOfTheWorld_ADangerousGame_CE.exe (LeeGT)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Labyrinths of the World - A Dangerous Game Collectors Edition\Uninstall .lnk -> C:\games\Labyrinths of the World\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Labyrinths of the World - A Dangerous Game Collectors Edition\Uploaded.net Premium.lnk -> C:\games\Labyrinths of the World\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2017\jv16 PowerTools 2017.lnk -> C:\Program Files (x86)\jv16 PowerTools 2017\jv16pt.exe (Macecraft Software)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Quest - Seven Seas Collectors Edition\FileFactory Premium.lnk -> C:\games\Jewel Quest - Seven Seas Collectors Edition\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Quest - Seven Seas Collectors Edition\Jewel Quest - Seven Seas Collectors Edition.lnk -> C:\games\Jewel Quest - Seven Seas Collectors Edition\jewelquest_sevenseas.exe (iWin Games)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Quest - Seven Seas Collectors Edition\Uninstall .lnk -> C:\games\Jewel Quest - Seven Seas Collectors Edition\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Quest - Seven Seas Collectors Edition\Uploaded.net Premium.lnk -> C:\games\Jewel Quest - Seven Seas Collectors Edition\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Quest - Seven Seas Collectors Edition\Visit LeeGT-Games.lnk -> C:\games\Jewel Quest - Seven Seas Collectors Edition\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale Collectors Edition\FileFactory Premium.lnk -> C:\games\Jewel Match Royale\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale Collectors Edition\Jewel Match Royale Collectors Edition.lnk -> C:\games\Jewel Match Royale\JM_Royale.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale Collectors Edition\Uninstall .lnk -> C:\games\Jewel Match Royale\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale Collectors Edition\Uploaded.net Premium.lnk -> C:\games\Jewel Match Royale\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale Collectors Edition\Visit LeeGT-Games.lnk -> C:\games\Jewel Match Royale\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale 2 - Rise of the King Collectors Edition\FileFactory Premium.lnk -> C:\games\Jewel Match Royale 2\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale 2 - Rise of the King Collectors Edition\Jewel Match Royale 2 - Rise of the King Collectors Edition.lnk -> C:\games\Jewel Match Royale 2\JewelMatchRoyale2RiseOfTheKingCE.exe (LeeGT-Games)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale 2 - Rise of the King Collectors Edition\Uninstall .lnk -> C:\games\Jewel Match Royale 2\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match Royale 2 - Rise of the King Collectors Edition\Uploaded.net Premium.lnk -> C:\games\Jewel Match Royale 2\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 4\FileFactory Premium.lnk -> C:\games\Jewel Match 4\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 4\Jewel Match 4.lnk -> C:\games\Jewel Match 4\JM4.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 4\Uninstall Jewel Match 4.lnk -> C:\games\Jewel Match 4\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 4\Uploaded.net Premium.lnk -> C:\games\Jewel Match 4\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 4\Visit LeeGT-Games.lnk -> C:\games\Jewel Match 4\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 2 Reloaded\FileFactory Premium.lnk -> C:\games\Jewel Match 2 Reloaded\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 2 Reloaded\Jewel Match 2 Reloaded.lnk -> C:\games\Jewel Match 2 Reloaded\JM2R.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 2 Reloaded\Uninstall Jewel Match 2 Reloaded.lnk -> C:\games\Jewel Match 2 Reloaded\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 2 Reloaded\Uploaded.net Premium.lnk -> C:\games\Jewel Match 2 Reloaded\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match 2 Reloaded\Visit LeeGT-Games.lnk -> C:\games\Jewel Match 2 Reloaded\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match - Winter Wonderland\FileFactory Premium.lnk -> C:\games\Jewel Match - Winter Wonderland\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match - Winter Wonderland\Jewel Match - Winter Wonderland.lnk -> C:\games\Jewel Match - Winter Wonderland\Jewel Match - Winter Wonderland.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match - Winter Wonderland\Uninstall .lnk -> C:\games\Jewel Match - Winter Wonderland\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match - Winter Wonderland\Uploaded.net Premium.lnk -> C:\games\Jewel Match - Winter Wonderland\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match - Winter Wonderland\Visit LeeGT-Games.lnk -> C:\games\Jewel Match - Winter Wonderland\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match\FileFactory Premium.lnk -> C:\games\Jewel Match\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match\Jewel Match.lnk -> C:\games\Jewel Match\Jewel.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match\Uninstall Jewel Match.lnk -> C:\games\Jewel Match\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match\Uploaded.net Premium.lnk -> C:\games\Jewel Match\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jewel Match\Visit LeeGT-Games.lnk -> C:\games\Jewel Match\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - The Fountain of Youth Collectors Edition\FileFactory Premium.lnk -> C:\games\The Fountain of Youth\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - The Fountain of Youth Collectors Edition\Hidden Expedition - The Fountain of Youth Collectors Edition.lnk -> C:\games\The Fountain of Youth\HiddenExpedition_FountainOfYouth_CE.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - The Fountain of Youth Collectors Edition\Uninstall .lnk -> C:\games\The Fountain of Youth\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - The Fountain of Youth Collectors Edition\Uploaded.net Premium.lnk -> C:\games\The Fountain of Youth\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hidden Expedition - The Fountain of Youth Collectors Edition\Visit LeeGT-Games.lnk -> C:\games\The Fountain of Youth\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Frankenstein - The Village\FileFactory Premium.lnk -> C:\games\Frankenstein - The Village\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Frankenstein - The Village\Frankenstein - The Village.lnk -> C:\games\Frankenstein - The Village\Frankenstein2.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Frankenstein - The Village\Uninstall .lnk -> C:\games\Frankenstein - The Village\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Frankenstein - The Village\Uploaded.net Premium.lnk -> C:\games\Frankenstein - The Village\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Frankenstein - The Village\Visit LeeGT-Games.lnk -> C:\games\Frankenstein - The Village\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition.lnk -> C:\games\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\CI5Halloween.exe (InterAction studios)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\FileFactory Premium.lnk -> C:\games\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\Uninstall .lnk -> C:\games\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\Uploaded.net Premium.lnk -> C:\games\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\Visit LeeGT-Games.lnk -> C:\games\Chicken Invaders 5 - Cluck of the Dark Side Halloween Edition\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side\Uninstall Chicken Invaders 5 - Cluck of the Dark Side.lnk -> C:\Program Files (x86)\Chicken Invaders 5 - Cluck of the Dark Side\Uninstall.exe (Big Fish Games)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chicken Invaders 5 - Cluck of the Dark Side\Unlock Chicken Invaders 5 - Cluck of the Dark Side.lnk -> C:\Program Files (x86)\Chicken Invaders 5 - Cluck of the Dark Side\UnlockGame.bfg ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big Kahuna Reef 3 - The Lost Talismans\Big Kahuna Reef 3.lnk -> C:\games\Big Kahuna Reef 3 - The Lost Talismans\Big Kahuna Reef 3.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big Kahuna Reef 3 - The Lost Talismans\FileFactory Premium.lnk -> C:\games\Big Kahuna Reef 3 - The Lost Talismans\FileFactory Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big Kahuna Reef 3 - The Lost Talismans\Uninstall Big Kahuna Reef 3.lnk -> C:\games\Big Kahuna Reef 3 - The Lost Talismans\Uninstall.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big Kahuna Reef 3 - The Lost Talismans\Uploaded.net Premium.lnk -> C:\games\Big Kahuna Reef 3 - The Lost Talismans\Uploaded.net Premium.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Big Kahuna Reef 3 - The Lost Talismans\Visit LeeGT-Games.lnk -> C:\games\Big Kahuna Reef 3 - The Lost Talismans\Visit LeeGT-Games.url ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Astrogeddon\Astrogeddon.lnk -> C:\games\astro\Astrogeddon.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Astrogeddon\Help.lnk -> C:\games\astro\readme.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica CD Label Maker\Acoustica CD Label Maker.lnk -> C:\Program Files (x86)\Acoustica CD Label Maker\cdlabel.exe ( Acoustica Inc.)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk -> C:\Windows\System32\notepad.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -> C:\Windows\System32\shell32.dll (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk -> C:\Windows\System32\eudcedit.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk -> C:\Windows\System32\Magnify.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -> C:\Windows\System32\Narrator.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk -> C:\Windows\System32\osk.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\SendTo\Qimage Ultimate.lnk -> C:\Program Files (x86)\Qimage-U\Qimage.exe (No File)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Desktop Toilet 5.0.lnk -> C:\Program Files (x86)\Desktop Toilet 5.0\desktoptoilet5.exe (MicroSECONDS Computer Consulting)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ()
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -> C:\Windows\System32\imageres.dll (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Smilebox.lnk -> C:\Users\Gpa-Jim\AppData\Roaming\Smilebox\SmileboxStarter.exe (Smilebox, Inc.)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Snap Art 4.lnk -> C:\Program Files\Alien Skin\Snap Art 4\Alien Skin Snap Art 4 x64.exe (Alien Skin Software, LLC)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -> C:\Windows\explorer.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Wondershare Video Converter Ultimate.lnk -> C:\Program Files (x86)\Wondershare\Video Converter Ultimate\VideoConverterUltimate.exe (No File)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Logitech Options.lnk -> C:\Program Files\Logitech\LogiOptions\LogiOptions.exe (Logitech, Inc.)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation)
Shortcut: C:\Users\Gpa-Jim\AppData\Roaming\GlarySoft\Glary Utilities 5\Startup\StartupDir\.exeEvent Planner Reminder.lnk -> C:\Program Files (x86)\Creative Home\Hallmark Card Studio 2018 Deluxe\Planner\PLNRnote.exe (Creative Home)
Shortcut: C:\Users\Public\Desktop\Adobe Creative Cloud.lnk -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
Shortcut: C:\Users\Public\Desktop\BluffTitler.lnk -> D:\outerspace\BluffTitler\BluffTitler.exe (No File)
Shortcut: C:\Users\Public\Desktop\Firefox.lnk -> C:\Program Files\Mozilla Firefox\firefox.exe ()
Shortcut: C:\Users\Public\Desktop\MahJong Suite.lnk -> C:\games\MahJong Suite\MahJongSuite.exe ()
Shortcut: C:\Users\Public\Desktop\Malwarebytes.lnk -> C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe (Malwarebytes)
Shortcut: C:\Users\Public\Desktop\Mozilla Thunderbird.lnk -> C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
Shortcut: C:\Users\Public\Desktop\qBittorrent.lnk -> C:\Program Files\qBittorrent\qbittorrent.exe ()
Shortcut: C:\Users\Public\Desktop\SolSuite.lnk -> C:\games\SolSuite\SolSuite.exe ()
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.DefaultPrograms
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk -> C:\Windows\System32\wuapp.exe (Microsoft Corporation) -> startmenu
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk -> C:\Program Files (x86)\bfgclient\bfgclient.exe () -> -u
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) -> /showgadgets
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk -> C:\Program Files (x86)\Windows Media Player\wmplayer.exe (Microsoft Corporation) -> /prefetch:1
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Print Shop 4.0 Professional\The Print Shop 4.0 Professional Uninstall.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {B9B030ED-7634-4FC1-B1F7-7F1A7445EB72}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Summitsoft\Business Card Studio\Uninstall Business Card Studio.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {26413EE3-C4B2-4A06-8225-72649315337D}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\AnyDVD\AnyDVD Image Ripper.lnk -> C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe (RedFox) -> -iso
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\AnyDVD\AnyDVD Ripper.lnk -> C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe (RedFox) -> -r
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft\AnyDVD\AnyDVD System Information.lnk -> C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVD.exe (RedFox) -> -syslog
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator\Restore Point Creator (Force UAC Prompt).lnk -> C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe () -> -forceuac
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator\Restore Point Creator Event Log Viewer.lnk -> C:\Program Files (x86)\Restore Point Creator\Restore Point Creator.exe () -> -eventlog
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reallusion\LiveUpdate\LiveUpdate.lnk -> C:\Program Files (x86)\Common Files\Reallusion\LiveUpdate\RLLiveUpdate.exe (Reallusion Inc.) -> /MANUAL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Professor Heinz Wolff's Gravity\Uninstall Professor Heinz Wolff's Gravity.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {C56A4D16-FAE8-4F5F-9033-7B339CDF549B}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games\Water Bugs\Uninstall Water Bugs.lnk -> C:\Program Files\PopCap Games\Water Bugs\PopUninstall.exe () -> "C:\Program Files\PopCap Games\Water Bugs\Install.log"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paragon Hard Disk Manager™ 15 Professional\Uninstall Paragon Hard Disk Manager™.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /i {1E104AF0-EA49-11DE-AC07-005056C00008}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software\O&O DiskImage\O&O DiskImage Express.lnk -> C:\Windows\Installer\{835A3A76-E6A3-45D8-8AE5-8FBDC04AC5A1}\DiskImage.exe () -> /e
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\3D Vision preview pack 1.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /show
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Disable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /disable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation\3D Vision\Enable 3D Vision.lnk -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstlink.exe (NVIDIA Corporation) -> /enable
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Nero ProductSetup.lnk -> C:\Program Files (x86)\Common Files\Ahead\Nero Web\SetupX.exe (Nero AG) -> -ScParameter=8 MODE="update"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 7 Ultra Edition\Tools\Nero Scout.lnk -> C:\Program Files (x86)\Common Files\Ahead\Lib\NeroScoutOptions.exe (Nero AG) -> -ScParameter=8
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance\Backup and Restore Center.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.BackupAndRestore
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2017\Uninstall jv16 PowerTools 2017.lnk -> C:\Program Files (x86)\jv16 PowerTools 2017\Uninstall\uninstall.exe (Indigo Rose Corporation) -> /U:"C:\Program Files (x86)\jv16 PowerTools 2017\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JRiver Media Center 23\Media Server.lnk -> C:\Windows\System32\MC23.exe (JRiver, Inc.) -> /MediaServer
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\About Java.lnk -> C:\Program Files\Java\jre1.8.0_91\bin\javacpl.exe (Oracle Corporation) -> -tab about
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Check For Updates.lnk -> C:\Program Files\Java\jre1.8.0_91\bin\javacpl.exe (Oracle Corporation) -> -tab update
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Docs.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_document
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Sheets.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_spreadsheet
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive\Google Slides.lnk -> C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) -> --new_presentation
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\Super Cyborg - Steam Edition\Uninstall Super Cyborg - Steam Edition.lnk -> C:\games\uninstall.exe (Indigo Rose Corporation) -> "/U:C:\games\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Printer Software Uninstall.lnk -> C:\Windows\System32\spool\drivers\x64\3\EPUPDATE.EXE (SEIKO EPSON CORPORATION) -> /R
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus Photo R2880 Buy Ink.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_IARNCXA.EXE (SEIKO EPSON CORPORATION) -> /T "MENU" /D "EPSON Stylus Photo R2880" /M "Stylus Photo R2880" /A
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus Photo R2880 Driver Update.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_GUPA20.EXE (SEIKO EPSON CORPORATION) -> /P "EPSON Stylus Photo R2880" /R E_GUPA2E.DLL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus Photo R2880 Online Support.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> .\SPOOL\DRIVERS\x64\3\E_IGEPCXA.DLL,GE_OpenELINK "Stylus Photo R2880"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus Photo R380 Series Buy Ink.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_FAMDBOA.EXE (SEIKO EPSON CORPORATION) -> /T "MENU" /D "EPSON Stylus Photo R380 Series" /M "Stylus Photo R380" /A
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus Photo R380 Series Driver Update.lnk -> C:\Windows\System32\spool\drivers\x64\3\E_DUPA10.EXE (SEIKO EPSON CORP.) -> /P "EPSON Stylus Photo R380 Series" /R E_DUPA1A.DLL
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elf Bowling The Last Insult\Other Games.lnk -> C:\games\Elf Bowling The Last Insult\ElfBowling.exe () -> -GCSShowOtherGames
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desktop Toilet 5.0\Uninstall Desktop Toilet.lnk -> C:\Program Files (x86)\Desktop Toilet 5.0\uninstall.exe (Indigo Rose Corporation) -> "/U:C:\Program Files (x86)\Desktop Toilet 5.0\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor\Uninstall\Uninstall Spyder4Elite.lnk -> C:\Windows\unvise32.exe (MindVision Software) -> C:\PROGRA~2\DATACO~1\SPYDER~2\uninstal.log
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datacolor\Uninstall\Uninstall Spyder4Pro.lnk -> C:\Windows\unvise32.exe (MindVision Software) -> C:\PROGRA~2\DATACO~1\SPYDER~3\uninstal.log
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bejeweled Blitz\Uninstall Bejeweled Blitz.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {22BA5519-3320-4E67-A45A-7F0B80E6E0EA}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bejeweled 3\Uninstall Bejeweled 3.lnk -> C:\Windows\Bejeweled 3\uninstall.exe () -> "/U:C:\games\bj3\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Athentech Imaging\Perfectly Clear Complete V3 (x64)\Удалить Perfectly Clear Complete V3.lnk -> C:\Windows\System32\msiexec.exe (Microsoft Corporation) -> /x {822954B3-8E68-4356-BD2A-7208927D4201}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Around the World in 80 Levels\Uninstall Around the World in 80 Levels.lnk -> C:\Windows\SysWOW64\msiexec.exe (Microsoft Corporation) -> /x {1D296966-4DD2-4E45-A2E3-C2966D55B0B5}
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft\Aiseesoft Video Converter Ultimate\Visit Product.lnk -> C:\Program Files (x86)\Video Converter Ultimate\Aiseesoft Video Converter Ultimate.exe (Aiseesoft) -> --pop_product_url
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Computer Management.lnk -> C:\Windows\System32\compmgmt.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Event Viewer.lnk -> C:\Windows\System32\eventvwr.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Performance Monitor.lnk -> C:\Windows\System32\perfmon.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Security Configuration Management.lnk -> C:\Windows\System32\secpol.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Windows PowerShell Modules.lnk -> C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe (Microsoft Corporation) -> -NoExit -ImportSystemModules
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Mobility Center.lnk -> C:\Windows\System32\mblctr.exe (Microsoft Corporation) -> /open
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Welcome Center.lnk -> C:\Windows\System32\rundll32.exe (Microsoft Corporation) -> %SystemRoot%\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Resource Monitor.lnk -> C:\Windows\System32\perfmon.exe (Microsoft Corporation) -> /res
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Task Scheduler.lnk -> C:\Windows\System32\taskschd.msc () -> /s
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Speech Recognition.lnk -> C:\Windows\Speech\Common\sapisvr.exe (Microsoft Corporation) -> -SpeechUX
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
ShortcutWithArgument: C:\Users\Gpa-Jim\Desktop\Printing\WPS Writer.lnk -> C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe (Zhuhai Kingsoft Office Software Co.,Ltd) -> /wps /w /fromksolaunch /from=desktop_shortcut
ShortcutWithArgument: C:\Users\Gpa-Jim\Desktop\GAMES\Sky Force Reloaded.lnk -> C:\games\New folder (2)\Sky Force Reloaded\Sky Force Reloaded.exe () -> /run
ShortcutWithArgument: C:\Users\Gpa-Jim\Desktop\APPS\Adobe Application Manager.lnk -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\core\PDapp.exe (Adobe Systems Incorporated) -> --appletID=CCM_UI --appletVersion=1.0 --workflow=CCM_workflow_launch
ShortcutWithArgument: C:\Users\Gpa-Jim\Desktop\APPS\VeBest Astrology.lnk -> C:\Program Files (x86)\VeBest\Astrology\Astrology.exe () -> VeBest Astrology
ShortcutWithArgument: C:\Users\Gpa-Jim\Desktop\APPS\VeBest Numerology.lnk -> C:\Program Files (x86)\VeBest\Numerology7\VBNC.exe (VeBest) -> VeBest Numerology 7
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\WPS Presentation.lnk -> C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe (Zhuhai Kingsoft Office Software Co.,Ltd) -> /wpp /w /fromksolaunch /from=startmenu
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\WPS Spreadsheets.lnk -> C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe (Zhuhai Kingsoft Office Software Co.,Ltd) -> /et /fromksolaunch /from=startmenu
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\WPS Writer.lnk -> C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe (Zhuhai Kingsoft Office Software Co.,Ltd) -> /wps /w /fromksolaunch /from=startmenu
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office\WPS Office Tools\Check for WPS Office Updates.lnk -> C:\Users\Gpa-Jim\AppData\Local\Kingsoft\WPS Office\10.2.0.6020\wtoolex\wpsupdate.exe (Zhuhai Kingsoft Office Software Co.,Ltd) -> /from:manual
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Topaz Labs\Topaz Studio\Uninstall Topaz Studio.lnk -> C:\Program Files\Topaz Labs\Topaz Studio\UpdateManager.exe () -> --uninstall
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jv16 PowerTools 2017\Uninstall jv16 PowerTools 2017.lnk -> C:\Program Files (x86)\jv16 PowerTools 2017\Uninstall\uninstall.exe (Indigo Rose Corporation) -> /U:"C:\Program Files (x86)\jv16 PowerTools 2017\Uninstall\uninstall.xml"
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Solitaire.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () -> --profile-directory=Default --app-id=blpebaehgfgkcmmjjknibibbjacnplim
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Acoustica CD Label Maker\Uninstall.lnk -> C:\Program Files (x86)\Acoustica CD Label Maker\cdlabel.exe ( Acoustica Inc.) -> UNINSTALL
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> -extoff
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk -> C:\Windows\System32\control.exe (Microsoft Corporation) -> /name Microsoft.EaseOfAccessCenter
ShortcutWithArgument: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\SendTo\Fax Recipient.lnk -> C:\Windows\System32\WFS.exe (Microsoft Corporation) -> /SendTo
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7\Visit our site.url -> URL: hxxp://www.ursoftware.com/?ref=setup
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications\MoviePlus X6\Download latest Adobe Reader.url -> URL: hxxp://www.adobe.com/products/acrobat/readstep2_allversions.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Serif Applications\MoviePlus X6\Download latest Apple QuickTime.url -> URL: hxxp://www.apple.com/quicktime/download/win.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rovio\Full Games and Software.url -> URL: hxxp://123fullsetup.blogspot.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Restore Point Creator\Restore Point Creator on the Web.url -> URL: hxxp://www.toms-world.org/blog/restore_point_creator
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games\Water Bugs\Visit PopCap.com.url -> URL: hxxp://www.popcap.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64\MPC-HC on the Web.url -> URL: hxxp://mpc-hc.org/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Loaris Trojan Remover\Loaris Trojan Remover on the Web.url -> URL: hxxp://www.loaris.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url -> URL: hxxp://java.com/help
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url -> URL: hxxp://java.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Home Photo Studio\Upgrade.url -> URL: hxxp://home-photo-studio.com/order.php
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Home Photo Studio\Visit Website.url -> URL: hxxp://home-photo-studio.com
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Helicon Software\Helicon Focus 6\Helicon Software in Internet.url -> URL: hxxp://www.heliconsoft.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\The Swindle\Documents\Support.url -> URL: hxxp://www.gog.com/support/the_swindle
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\realMyst Masterpiece Edition\Documents\Support.url -> URL: hxxp://www.gog.com/support/real_myst_masterpiece_edition
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com\Oddworld - New 'n' Tasty\Documents\Support.url -> URL: hxxp://www.gog.com/support/oddworld_new_n_tasty
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5\Website.url -> URL: hxxp://www.glarysoft.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Stylus Photo R380 Series Online Support.url -> URL: hxxp://www.epson.com/cgi-bin/Store/support/supDetail.jsp?sku=C11C658011
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\Perfection V600 User's Guide\Perfection V600 User's Guide.url -> URL: hxxps://files.support.epson.com/htmldocs/prv6ph/prv6phug/index.htm
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON\EPSON Scan\Epson Perfection V600 Online Support.url -> URL: hxxp://www.epson.com/cgi-bin/Store/support/supDetail.jsp?sku=B11B198011
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Generator\Order Full Version.url -> URL: hxxp://ams-photo-software.com/products/order_21.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collage Generator\Visit Web Site.url -> URL: hxxp://ams-photo-software.com/products/product_21.html
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\Get Involved.url -> URL: hxxps://calibre-ebook.com/get-involved
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre 64bit - E-book Management\User Manual.url -> URL: hxxps://manual.calibre-ebook.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BurnAware Premium\BurnAware Home on the Web.url -> URL: hxxp://www.burnaware.com/
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Art Explosion Calendar Maker\Visit Website.url -> URL: hxxp://usa.novadevelopment.com/redirect?redirectcode=20150604013951780
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Refocus\AKVIS Home and News page.url -> URL: hxxp://akvis.com/en/index.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Refocus\Download.url -> URL: hxxp://akvis.com/en/download-windows-software.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Refocus\Frequently Asked Questions.url -> URL: hxxp://akvis.com/en/support/index.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Refocus\Order product.url -> URL: hxxp://akvis.com/en/refocus/price-sharpen-photo.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Refocus\Support.url -> URL: hxxp://akvis.com/en/support/feedback.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Refocus\Tutorial.url -> URL: hxxp://akvis.com/en/refocus-tutorial/howwork/index.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Neon\AKVIS Home and News page.url -> URL: hxxp://akvis.com/en/index.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Neon\Download.url -> URL: hxxp://akvis.com/en/download-windows-software.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Neon\Frequently Asked Questions.url -> URL: hxxp://akvis.com/en/support/index.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Neon\Order product.url -> URL: hxxp://akvis.com/en/neon/price.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Neon\Support.url -> URL: hxxp://akvis.com/en/support/feedback.php?ref=winmenu
InternetURL: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AKVIS\Neon\Tutorial.url -> URL: hxxp://akvis.com/en/neon-tutorial/howwork/index.php?ref=winmenu
InternetURL: C:\Users\Gpa-Jim\Google Drive\Facebook L&J.URL -> URL: hxxps://www.facebook.com/
InternetURL: C:\Users\Gpa-Jim\Google Drive\Inbox (1) - [email protected] - Gmail.URL ->
InternetURL: C:\Users\Gpa-Jim\Favorites\Google Search.url -> URL: hxxp://smart-homepage.blogspot.com/
InternetURL: C:\Users\Gpa-Jim\Favorites\Windows Live\Get Windows Live.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=69172
InternetURL: C:\Users\Gpa-Jim\Favorites\Windows Live\Windows Live Gallery.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=70742
InternetURL: C:\Users\Gpa-Jim\Favorites\Windows Live\Windows Live Mail.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68925
InternetURL: C:\Users\Gpa-Jim\Favorites\Windows Live\Windows Live Spaces.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68927
InternetURL: C:\Users\Gpa-Jim\Favorites\MSN Websites\MSN Autos.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=55143
InternetURL: C:\Users\Gpa-Jim\Favorites\MSN Websites\MSN Entertainment.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68924
InternetURL: C:\Users\Gpa-Jim\Favorites\MSN Websites\MSN Money.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68923
InternetURL: C:\Users\Gpa-Jim\Favorites\MSN Websites\MSN Sports.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68921
InternetURL: C:\Users\Gpa-Jim\Favorites\MSN Websites\MSN.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=54729
InternetURL: C:\Users\Gpa-Jim\Favorites\MSN Websites\MSNBC News.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=68922
InternetURL: C:\Users\Gpa-Jim\Favorites\Microsoft Websites\IE Add-on site.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=50893
InternetURL: C:\Users\Gpa-Jim\Favorites\Microsoft Websites\IE site on Microsoft.com.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=44661
InternetURL: C:\Users\Gpa-Jim\Favorites\Microsoft Websites\Microsoft At Home.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=55424
InternetURL: C:\Users\Gpa-Jim\Favorites\Microsoft Websites\Microsoft At Work.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=68920
InternetURL: C:\Users\Gpa-Jim\Favorites\Microsoft Websites\Microsoft Store.url -> URL: hxxp://go.microsoft.com/fwlink/?linkid=140813
InternetURL: C:\Users\Gpa-Jim\Favorites\Links for United States\GobiernoUSA.gov.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129792
InternetURL: C:\Users\Gpa-Jim\Favorites\Links for United States\USA.gov.url -> URL: hxxp://go.microsoft.com/fwlink/?LinkId=129791
InternetURL: C:\Users\Gpa-Jim\Favorites\Links\Full Games and Software.url -> URL: hxxp://123fullsetup.blogspot.com/
InternetURL: C:\Users\Gpa-Jim\Favorites\Links\Google Search.url -> URL: hxxp://smart-homepage.blogspot.com/
InternetURL: C:\Users\Gpa-Jim\Favorites\Links\Suggested Sites.url -> URL: hxxps://ieonline.microsoft.com/#ieslice
InternetURL: C:\Users\Gpa-Jim\Desktop\(19) Facebook.URL -> URL: hxxps://www.facebook.com/
InternetURL: C:\Users\Gpa-Jim\Desktop\Express Scripts Members Start Home Delivery, Order Refills, Order Prescriptions.URL -> URL: hxxps://www.express-scripts.com/index.html
InternetURL: C:\Users\Gpa-Jim\Desktop\HGTV Dream Home 2017 Giveaway DIY.URL -> URL: hxxp://www.diynetwork.com/hgtv-dream-home
InternetURL: C:\Users\Gpa-Jim\Desktop\HGTV Smart Home Sweepstakes HGTV Smart Home Sweepstakes HGTV.URL -> URL: hxxp://www.hgtv.com/design/hgtv-smart-home/sweepstakes
InternetURL: C:\Users\Gpa-Jim\Desktop\How to Customize Your Icons in Windows.URL -> URL: hxxps://www.howtogeek.com/howto/13631/customize-your-icons-in-windows-7-and-vista/
InternetURL: C:\Users\Gpa-Jim\Desktop\httpsnanasplace6605.shutterfly.com.URL -> URL: hxxps://nanasplace6605.shutterfly.com/#%3aemid%3dsite_sitecreated%26cid%3dSHARE3SXXXX
InternetURL: C:\Users\Gpa-Jim\Desktop\Incompetech Royalty-Free Music.URL -> URL: hxxp://incompetech.com/music/
InternetURL: C:\Users\Gpa-Jim\Desktop\MDHHS - Michigan Department of Health and Human Services.URL -> URL: hxxp://www.michigan.gov/mdhhs/
InternetURL: C:\Users\Gpa-Jim\Desktop\MyChart - Login Page.URL -> URL: hxxps://mychart.hfhs.org/mychart/
InternetURL: C:\Users\Gpa-Jim\Desktop\Paper 32 The Evolution of Local Universes; Online Study Edition.URL -> URL: hxxp://www.urantiabook.org/newbook/ose-papers/pose032.htm
InternetURL: C:\Users\Gpa-Jim\Desktop\Pinterest Discover and save creative ideas.URL -> URL: hxxps://www.pinterest.com/search/pins/?q=metaphysical&rs=rs&term_meta%5B%5D=metaphysical%7Crecentsearch%7C1
InternetURL: C:\Users\Gpa-Jim\Desktop\Robot Smileys, Robot Emoticons by SmileyCentral AllSmileys.com.URL -> URL: hxxp://www.allsmileys.com/smiley-central-robot.php
InternetURL: C:\Users\Gpa-Jim\Desktop\Shutterfly.URL -> URL: hxxps://photos.shutterfly.com/library
InternetURL: C:\Users\Gpa-Jim\Desktop\Speedtest.net by Ookla - The Global Broadband Speed Test.URL -> URL: hxxp://www.speedtest.net/
InternetURL: C:\Users\Gpa-Jim\Desktop\YouTube.URL -> URL: hxxp://www.youtube.com/
InternetURL: C:\Users\Gpa-Jim\Desktop\WORKING ON PICS\(99) Kendall Hawkins - Kendall Hawkins added a new photo..URL -> URL: hxxps://www.facebook.com/photo.php?fbid=10153365463043458&set=rpd.653643457&type=3&theater
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\0DayDown 0天与您关注资讯.URL -> URL: hxxp://www.0daydown.com/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\4realtorrentz Clean and Free Software.URL -> URL: hxxp://www.4realtorrentz.com/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\Actions, Pattern & Styles » Free Download Vector Stock Image Photoshop Icon.URL -> URL: hxxp://graphicex.com/photoshop/actions-pattern-styles/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\ConCen oddball site.URL -> URL: hxxps://concen.org/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\DirtyWarez Top 42 Forum Sites.URL -> URL: hxxp://dirtywarez.org/cat/forum
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\downTURK - Download Fresh Hidden Object Games.URL -> URL: hxxp://www.downturk.net/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\HitzWarez GOOD.URL -> URL: hxxp://hitzwarez.net/forum/index.php?act=idx
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\Kickassrips.com — Where Qualty does matter.URL -> URL: hxxp://kickassrips.com/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\LeeGT-Games.URL -> URL: hxxp://leegt-games.blogspot.de/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\Our Paradise Island Forum.URL -> URL: hxxp://ourparadiseisland.com/index.php
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\Owl's Nest.URL -> URL: hxxp://www.owlsnest.info/forums/index.php?
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\Photoshop Add-ons » Free Print Templates - Graphic Design - Stock Vectors - Web Design Elements.URL -> URL: hxxp://graphicflux.com/add-ons/photoshop_add-ons/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\PuZo.ORG (Powered by Invision Power Board).URL -> URL: hxxp://www.puzo.org/index.php?
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\RARBG Torrents , filmi , download.URL -> URL: hxxps://rarbg.to/torrents.php
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\TeamOS Get Customized OS, Games, Softwares and Many More..... by Torrent And Direct Download.URL -> URL: hxxp://www.teamos-hkrg.com/index.php
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\tehPARADOX.COM Online Sharing Community.URL -> URL: hxxp://tehparadox.com/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\The Pirate Bay - The galaxy's most resilient BitTorrent site.URL -> URL: hxxp://thepiratebay.se/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\Top 59 Warez Blogs - Ummmmm - Owl's Nest.URL -> URL: hxxp://www.owlsnest.info/forums/index.php?showtopic=98265
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\Torrent Downloads - download free torrents!.URL -> URL: hxxp://www.torrentdownloads.me/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\Torrent Search Engine.URL -> URL: hxxp://www.toorgle.com/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\Torrentbit.net - search torrents, download torrents, torrent download - NO ADS - Enjoy!.URL -> URL: hxxp://www.torrentbit.net/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\User control panel - Demonoid.URL -> URL: hxxp://www.demonoid.ph/user_control_panel.php?rel=1404450521
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\WarezSerbia - Download For All.URL -> URL: hxxp://warez-serbia.com/
InternetURL: C:\Users\Gpa-Jim\Desktop\various pirate sites\[multi] Photodex Proshow Producer v6.0.3410 And Photodex Proshow Effects Pack v6.0 - Applications - FWBB.URL -> URL: hxxp://fwbb.org/index.php/topic/345877-photodex-proshow-producer-v603410-and-photodex-proshow-effects-pack-v60/?hl=%2Bphotodex+%2Bproshow+%2Bproducer
InternetURL: C:\Users\Gpa-Jim\Desktop\Printing\Perfection V600 User's Guide.url -> URL: hxxps://files.support.epson.com/htmldocs/prv6ph/prv6phug/index.htm
InternetURL: C:\Users\Gpa-Jim\Desktop\Printing\FONTTWISTER\FontTwister user area.URL -> URL: hxxp://www.neuber.com/twister/reguser.html
InternetURL: C:\Users\Gpa-Jim\Desktop\Helicon\Helicon Focus Help - Helicon Remote.URL -> URL: hxxp://www.heliconsoft.com/HeliconRemoteHelp/english/HeliconRemote.html#HR_SAVE_IMGS_IN_CAMERA
InternetURL: C:\Users\Gpa-Jim\Desktop\Ching Liu\Ching_Liu - TPB.URL -> URL: hxxps://thepiratebay.se/user/Ching_Liu/
InternetURL: C:\Users\Gpa-Jim\Desktop\Ching Liu\Download ChingLiu's Torrents 1337x.URL -> URL: hxxp://1337x.to/ChingLiu-torrents/2/
InternetURL: C:\Users\Gpa-Jim\Desktop\APPS\Ching Liu\ChingLiu Torrents - Page 1 - ExtraTorrent.cc The World's Largest BitTorrent System.URL -> URL: hxxp://extratorrent.cc/profile/ChingLiu/torrents/
InternetURL: C:\Users\Gpa-Jim\Desktop\APPS\Ching Liu\Ching_Liu - TPB.URL -> URL: hxxps://thepiratebay.se/user/Ching_Liu/
InternetURL: C:\Users\Gpa-Jim\Desktop\APPS\Ching Liu\Download ChingLiu's Torrents 1337x.URL -> URL: hxxp://1337x.to/ChingLiu-torrents/2/
InternetURL: C:\Users\Gpa-Jim\Desktop\APPS\Ching Liu\Profile of ChingLiu - Uploads - KickassTorrents.URL -> URL: hxxp://kickass.to/user/ChingLiu/uploads/
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\A Hair Masking Trick That'll Blow Your Mind - Topaz Labs Blog.URL -> URL: hxxp://blog.topazlabs.com/tutorials/hair-masking-trick-blow-your-mind/
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\How to Create a See Through Frame Effect in Photoshop - PHLEARN.URL -> URL: hxxps://phlearn.com/tutorial/see-through-frame-effect-photoshop/
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\How to Cut Out Hair with the Brush Tool in Photoshop.URL -> URL: hxxps://phlearn.com/cut-hair-brush-tool-photoshop?utm_source=Phlearn+Newsletter&utm_campaign=ee6825fbea-11_21_16_Cut_Out_Hair&utm_medium=email&utm_term=0_3ad9c122af-ee6825fbea-101573593&mc_cid=ee6825fbea&mc_eid=9041f052db
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\How to Reduce Noise in Adobe Camera Raw - f64 Academy.URL -> URL: hxxp://f64academy.com/reduce-noise-adobe-camera-raw/?mc_cid=db3ab66cd9&mc_eid=ef7a60f360
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\How to Use Select and Mask in Photoshop.URL -> URL: hxxps://phlearn.com/use-select-mask-photoshop
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\Hugin - Panorama photo stitcher.URL -> URL: hxxp://hugin.sourceforge.net/
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\Learning Removing Fringe Photoshop.com.URL -> URL: hxxp://www.photoshop.com/tutorials/607
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\Multiplicity Photography Tutorial - YouTube.URL -> URL: hxxps://www.youtube.com/watch?v=3spT03p0XAQ
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\Noise Reduction Like a Pro - f64 Academy.URL -> URL: hxxp://f64academy.com/how-to-reduce-noise-like-a-pro/?mc_cid=ec91bd2989&mc_eid=ef7a60f360
InternetURL: C:\Users\Gpa-Jim\Desktop\ADOBE\Tricky Cut Outs made EASY and FAST PHOTOSHOP #76 - YouTube.URL -> URL: hxxps://www.youtube.com/watch?v=myecPHJ8Iwo
InternetURL: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Windows\Start Menu\Goodgame Empire.url -> URL: hxxp://empire.goodgamestudios.com/?w=310984
InternetURL: C:\Users\Gpa-Jim\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.url -> URL: hxxp://empire.goodgamestudios.com/?w=310984
==================== End of Shortcut.txt =============================
Attached Files
-
FRST - Copy.txt 70.77KB
196 downloads
-
Shortcut - Copy.txt 150.22KB
328 downloads
-
Addition.txt 88.61KB
256 downloads
Edited by Menkaure, 18 April 2018 - 06:08 PM.
Sign In
Create Account
