agent.tesla/redline stealer dual infection – help request | #firefox | #chrome | #microsoftedge

. please advise

Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:UsersStudioAppDataLocalGoogleChromeApplicationchrome.exe <23>

(Malwarebytes Corporation -> Malwarebytes Corporation) C:UsersStudioDesktopmbarmbar.exe

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKUS-1-5-21-3663378538-2047212209-1910426402-1000…Run: [GoogleChromeAutoLaunch_AE11DD999CCB93BB6492453EBA64B896] => “C:UsersStudioAppDataLocalGoogleChromeApplicationchrome.exe” –no-startup-window /prefetch:5

HKUS-1-5-18…Run: [Plex Media Server] => C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe [21494384 2021-02-23] (Plex, Inc. -> Plex, Inc.)

HKUS-1-5-18…RunOnce: [SPReview] => C:WindowsSystem32SPReviewSPReview.exe [301568 2014-10-30] (Microsoft Windows -> Microsoft Corporation)

HKLM…PrintMonitorsCanon BJ Language Monitor MP495 series: C:Windowssystem32CNMLMA9.DLL [361472 2010-08-25] (CANON INC.) [File not signed]

HKLM…PrintMonitorsCutePDF Writer Monitor: C:Windowssystem32cpwmon64.dll [87600 2013-10-23] (Acro Software Inc. -> )

HKLMSoftwareMicrosoftActive SetupInstalled Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:Windowssystem32cmd.exe /D /C start C:Windowssystem32ie4uinit.exe -ClearIconCache

HKLMSoftwareWow6432NodeMicrosoftActive SetupInstalled Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:Windowssystem32cmd.exe /D /C start C:Windowssystem32ie4uinit.exe -ClearIconCache

HKLMSoftware…AuthenticationCredential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDCREDPROV.DLL [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05287AA0-7562-485A-83D0-1D9A15C72F9E} – System32TasksAppleAppleSoftwareUpdate => C:Program Files (x86)Apple Software UpdateSoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)

Task: {0E4B35C4-47C2-42C7-AE53-EA7288DEBAAC} – System32TasksDropboxUpdateTaskUserS-1-5-21-3663378538-2047212209-1910426402-1000UA => C:UsersStudioAppDataLocalDropboxUpdateDropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)

Task: {103A84D7-C4BE-43E1-8CC7-1B4F979FF65C} – System32Tasks{E63D80E2-0FF6-43B0-B9B3-49BBAC10277F} => C:Windowssystem32pcalua.exe -a G:DownloadsWaveLabAspiWaveLabAspi.exe -d G:DownloadsWaveLabAspi

Task: {1360AFF4-1DC5-48D6-A136-0861104039F2} – System32Tasks{0EC94FD8-A6A4-4499-8EE7-71329AADE65C} => C:Windowssystem32pcalua.exe -a C:UsersStudioDesktopSecurityHijackThis.exe -d C:UsersStudioDesktopSecurity

Task: {2C1C1B42-760E-4712-93AB-AAE7B0453456} – System32TasksGoogleUpdateTaskMachineUA => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-01-04] (Google LLC -> Google LLC)

Task: {3D109EAD-68F8-45F9-8E0E-C9B8FFB673B4} – System32TasksNVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNVIDIA GeForce ExperienceNVIDIA GeForce Experience.exe [3560304 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {401B1573-647B-46BF-9816-EC305200C346} – System32TasksNvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [855408 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {5002F56B-444E-4131-8132-CF20AA887353} – System32TasksGoogleUpdateTaskMachineCore => C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [156104 2020-01-04] (Google LLC -> Google LLC)

Task: {52FE5B73-3F33-48D6-9DA0-4B6C55DCC087} – System32TasksNvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationNvNodenvnodejslauncher.exe [1003888 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {5BEBBB4B-3D60-4056-B548-10E9404FD698} – System32TasksNvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvBackendNvBatteryBoostCheck” -l 3 -f C:ProgramDataNVIDIANvContainerBatteryBoostCheck.log

Task: {5C6A06EB-9159-4E0A-9385-5DADE6EC3268} – System32Tasks{58F173F3-815C-40C2-B0D2-688B87CBD607} => C:Windowssystem32pcalua.exe -a “G:DownloadsInstall_ReWire_&_Rex_for_WindowsVistaInstall ReWire & Rex for Windows Vista.exe” -d G:DownloadsInstall_ReWire_&_Rex_for_WindowsVista

Task: {647F57F3-AC73-4766-8A10-54AAFAA79B7A} – System32TasksMicrosoftWindowsPLANew Data Collector Set => C:Windowssystem32rundll32.exe C:Windowssystem32pla.dll,PlaHost “New Data Collector Set” “$(Arg0)”

Task: {64B6F981-9480-47F1-9E9B-E6ABF0FB8151} – System32TasksNvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [887152 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {6A3C8E39-B0C3-4F72-AA81-F1C58157DAD5} – System32TasksASUSASUS RegRun Loader => C:Program Files (x86)ASUSAASP1.01.05AsLoader.exe [803968 2010-01-13] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

Task: {746727A9-F669-4CED-BE1A-B7521FE1021F} – System32TasksFirefox Default Browser Agent 7FF2029F3253ECF3 => C:UsersStudioAppDataRoamingbcwgree [41112 2020-01-02] (Microsoft Corporation -> Microsoft Corporation) <==== ATTENTION

Task: {865C2EFF-E44C-4B89-80BB-BE18B3984326} – System32TasksInstaller_LaunchProduct_StopAd_b760b41a-fb76-4f42-a35d-eae4d2941e82 => C:Program Files (x86)NovnifyStopAdStopAd.exe

Task: {904C916C-ED8F-4462-B132-14B0AE219691} – System32TasksAdobeGCInvoker-1.0 => C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe [3022416 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)

Task: {98058EC2-5377-4542-BF9D-EF3D6E38B106} – System32TasksNvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [887152 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {AB20242B-1685-43E6-8825-A4864E38D2AE} – System32Tasks{058FD677-F85D-4C1E-AA22-7F538D5D46F8} => C:Windowssystem32pcalua.exe -a “G:Downloadsdotnetfx35 (1).exe” -d G:Downloads

Task: {AE1C3E21-FADB-4EAE-82A4-BAE9E9B56671} – System32TasksNvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationUpdate CoreNvProfileUpdater64.exe [855408 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {B1F67259-5AA4-4F14-873E-E6BFB1DEAF9C} – System32TasksCCleanerSkipUAC => C:Program FilesCCleanerCCleaner.exe [6851288 2016-07-13] (Piriform Ltd -> Piriform Ltd)

Task: {B787D4A7-0259-4E47-A61A-F37C4195B8D1} – System32TasksNvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation) -> -d “C:Program FilesNVIDIA CorporationNvDriverUpdateCheck” -l 3 -f C:ProgramDataNVIDIANvContainerDriverUpdateCheck.log

Task: {BBAD5D14-B8CA-4936-9DFB-4F30075CDFE2} – System32Tasks{63E3C6E9-EEA4-4497-A762-E4F4B35701F5} => C:Windowssystem32pcalua.exe -a G:Downloadsdotnetfx35.exe -d G:Downloads

Task: {BBF617B9-D69D-45C1-A3C2-BBAAE218B2A8} – System32TasksNvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [887152 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {BE5CCC9B-D641-4CCF-8326-8F997EA9D3B0} – System32TasksMicrosoftWindows LiveSOXEExtractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}

Task: {C1A8FE64-4590-418B-BBA5-945F5E2BFD69} – System32TasksGoogleUpdateTaskUserS-1-5-21-3663378538-2047212209-1910426402-1000UA => C:UsersStudioAppDataLocalGoogleUpdateGoogleUpdate.exe [153752 2016-11-08] (Google Inc -> Google Inc.)

Task: {D03FEE8F-3470-4544-A978-340D5B2705CA} – System32TasksNvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmRep.exe [887152 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {D3EC2034-09D9-4198-9ECE-733BB0D7A659} – System32TasksGoogleUpdateTaskUserS-1-5-21-3663378538-2047212209-1910426402-1000Core => C:UsersStudioAppDataLocalGoogleUpdateGoogleUpdate.exe [153752 2016-11-08] (Google Inc -> Google Inc.)

Task: {D85E6A0C-5143-4834-B6CA-D53691E70678} – System32TasksRed Giant Link => C:Program FilesRed Giant LinkRed Giant Link.exe

Task: {ED6D5208-341C-4F00-889C-9B40A61E7C5F} – System32TasksNvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:Program Files (x86)NVIDIA CorporationUpdate CoreNvTmMon.exe [562544 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

Task: {F604EDC3-0667-4868-8FE3-DA1AF381319A} – System32Tasks{628D8BB2-9EE0-4AD0-97B7-736BAA41DE3D} => C:Windowssystem32pcalua.exe -a G:Downloadslastpass_x64.exe -d “C:Program Files (x86)Mozilla Firefox”

Task: {F72520B3-A8EC-4975-9DD5-0AD0EB68E5C7} – System32Tasks{2889B547-7754-41FE-A032-8A373344E6B9} => C:Windowssystem32pcalua.exe -a G:DownloadsNetFx64.exe -d G:Downloads

Task: {F84C9FE1-8DE4-4221-8206-1E74DC9A9BD5} – System32TasksAdobeAAMUpdater-1.0-Studio-PC-Studio => C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

Task: {FD506AF1-00F5-495B-A57A-324847E73824} – System32TasksDropboxUpdateTaskUserS-1-5-21-3663378538-2047212209-1910426402-1000Core => C:UsersStudioAppDataLocalDropboxUpdateDropboxUpdate.exe [143144 2016-11-04] (Dropbox, Inc -> Dropbox, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:WindowsTasksDropboxUpdateTaskUserS-1-5-21-3663378538-2047212209-1910426402-1000Core.job => C:UsersStudioAppDataLocalDropboxUpdateDropboxUpdate.exe

Task: C:WindowsTasksDropboxUpdateTaskUserS-1-5-21-3663378538-2047212209-1910426402-1000UA.job => C:UsersStudioAppDataLocalDropboxUpdateDropboxUpdate.exe

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3663378538-2047212209-1910426402-1000] => 107.172.14.157:80

Winsock: Catalog5 05 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5 06 C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [145648 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5 09 C:Program Files (x86)BonjourmdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)

Winsock: Catalog5-x64 05 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5-x64 06 C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDNSP.DLL [171760 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

Winsock: Catalog5-x64 09 C:Program FilesBonjourmdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)

Tcpip..Interfaces{51CE502F-91A0-461C-BF93-06AB18EEC1EE}: [DhcpNameServer] 192.168.1.254

Tcpip..Interfaces{55D0D71C-86FE-4280-9F81-E5B858742EA8}: [DhcpNameServer] 172.16.0.1

Tcpip..Interfaces{BBAEEE0D-0B2D-4578-B0C1-9BE4BF841FA0}: [DhcpNameServer] 75.75.75.75 75.75.76.76

FF ProfilePath: C:UsersStudioAppDataRoamingPrismProfiles7jjdub7s.default [2012-09-14]

FF ProfilePath: C:UsersStudioAppDataRoamingPrismbrian_80Profiles25wqwd1m.default [2013-02-19]

FF Homepage: Prismbrian_80Profiles25wqwd1m.default -> hxxp://a1771334.myuniquesee.com/start.php

FF ProfilePath: C:UsersStudioAppDataRoamingMozillaFirefoxProfilesfgfw3yog.Profile 1 [2016-08-22]

FF Homepage: MozillaFirefoxProfilesfgfw3yog.Profile 1 -> hxxps://www.malwarebytes.org/restorebrowser/_secureddownload_16_34&param1=1&param2=f%3D1%26b%3DFirefox%26cc%3Dus%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzutDtDtDyEyD0AyD0CtC0Ezz0CyE0BtAzytN0D0Tzu0StCyCzyyDtN1L2XzutAtFtByEtFyCtFyCtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2StCyBtByBtAzyyC0CtGtCyEzzyBtG0EyEyB0DtGtC0A0AtDtG0A0CyByCyByD0CyEyBzzyDtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2StCtA0BtD0F0A0AyEtGyC0EyE0BtGyE0CyCtCtG0B0B0C0FtGzy0DtAtC0B0CtA0CzyyD0E0B2QtN0A0LzutB%26cr%3D122298769%26a%3Dwncy_secureddownload_16_34%26os_ver%3D6.1%26os%3DWindows%2B7%2BUltimate

FF ProfilePath: C:UsersStudioAppDataRoamingMozillaFirefoxProfilesa658gq66.default [2021-05-06]

FF user.js: detected! => C:UsersStudioAppDataRoamingMozillaFirefoxProfilesa658gq66.defaultuser.js [2011-12-31]

FF Homepage: MozillaFirefoxProfilesa658gq66.default -> hxxp://www.smmmarket.com/sell/index.php

FF NetworkProxy: MozillaFirefoxProfilesa658gq66.default -> backup.ftp”, “67.214.168.145”

FF Extension: (TubeBuddy) – C:UsersStudioAppDataRoamingMozillaFirefoxProfilesa658gq66.defaultExtensionse389d8c2-5554-4ba2-a36e-ac7a57093130@gmail.com.xpi [2019-11-03]

FF Extension: (Firebug) – C:UsersStudioAppDataRoamingMozillaFirefoxProfilesa658gq66.defaultExtensionsfirebug@software.joehewitt.com.xpi [2017-03-01] [Legacy]

FF Extension: (Web Scraper) – C:UsersStudioAppDataRoamingMozillaFirefoxProfilesa658gq66.defaultExtensions{4d22c3b5-8248-4431-ad99-90b1443de5ee}.xpi [2019-04-18]

FF Extension: (Stay secure with CyberGhost VPN Free Proxy) – C:UsersStudioAppDataRoamingMozillaFirefoxProfilesa658gq66.defaultExtensions{585280b0-ee78-428a-92c5-3fb3c0b85460}.xpi [2021-01-21] [UpdateUrl:hxxps://clients2.google.com/service/update2/crx]

FF Extension: (BetterPrivacy) – C:UsersStudioAppDataRoamingMozillaFirefoxProfilesa658gq66.defaultExtensions{d40f5e7b-d2cf-4856-b441-cc613eeffbe3}.xpi [2016-11-02] [Legacy]

FF Plugin: @java.com/DTPlugin,version=11.171.2 -> C:Program FilesJavajre1.8.0_171bindtpluginnpDeployJava1.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=11.171.2 -> C:Program FilesJavajre1.8.0_171binplugin2npjp2.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~1MICROS~2Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:Program FilesTabletPluginsnpWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

FF Plugin: adobe.com/AdobeAAMDetect -> C:Program Files (x86)Common FilesAdobeOOBEPDAppCCMUtilitiesnpAdobeAAMDetect64.dll [No File]

FF Plugin: wacom.com/WacomTabletPlugin -> C:Program FilesTabletPluginsnpWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:Program Files (x86)Javajre1.8.0_171bindtpluginnpDeployJava1.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:Program Files (x86)Javajre1.8.0_171binplugin2npjp2.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:PROGRA~2MICROS~2Office14NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:PROGRA~2MICROS~2Office14NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dll [2013-02-05] (Microsoft Corporation -> Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dv.dll [2018-03-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:Program Files (x86)NVIDIA Corporation3D Visionnpnv3dvstreaming.dll [2018-03-23] (NVIDIA Corporation PE Sign v2016 -> NVIDIA Corporation) [File not signed]

FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.7.1 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @videolan.org/vlc,version=3.0.8 -> C:Program Files (x86)VideoLANVLCnpvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)

FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:Program Files (x86)TabletPluginsnpWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

FF Plugin-x32: Adobe Reader -> C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dll [2013-12-18] (Adobe Systems, Incorporated -> Adobe Systems Inc.)

FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:Program Files (x86)TabletPluginsnpWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

FF Plugin HKUS-1-5-21-3663378538-2047212209-1910426402-1000: @zoom.us/ZoomVideoPlugin -> C:UsersStudioAppDataRoamingZoombinnpzoomplugin.dll [2020-02-19] (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

CHR Profile: C:UsersStudioAppDataLocalGoogleChromeUser DataDefault [2021-06-10]

CHR Notifications: Default -> hxxps://app.mysms.com; hxxps://crm.zoho.com; hxxps://farm.turborender.com; hxxps://login.fanconnectnow.com; hxxps://tweetdeck.twitter.com; hxxps://yourmainproducer.amocrm.com

CHR StartupUrls: Default -> “hxxp://search.easylifeapp.com/?pid=34&src=ch1&r=2013/04/17&hid=363380504&lg=EN&cc=US”,”hxxp://www.google.com”

CHR Extension: (Google Drive) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsapdfllckaahabafndbhieahigkjlhalf [2020-10-31]

CHR Extension: (Facebook Auto Poster and Scheduler) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsbgbkbddnmplgngbbipkophmcangiahja [2016-04-14]

CHR Extension: (YouTube) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]

CHR Extension: (Google Search) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionscoobgpohoikkiipiblmjeljniedjpjpf [2015-10-29]

CHR Extension: (AHA Music – Song Finder for Browser) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsdpacanjfikmhoddligfbehkpomnbgblf [2021-05-03]

CHR Extension: (AdBlock — best ad blocker) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsgighmmpiobklfepjocnamgkkbiglidom [2021-05-03]

CHR Extension: (Twitter Unfollow All) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsgnljhgbcmacopdfedmiaccgfijmnfppo [2018-07-08]

CHR Extension: (TweetDeck by Twitter) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionshbdpomandigafcibbmofojjchbcdagbl [2016-11-18]

CHR Extension: (Email Extractor) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsjdianbbpnakhcmfkcckaboohfgnngfcc [2020-08-24]

CHR Extension: (DS Amazon Quick View) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsjkompbllimaoekaogchhkmkdogpkhojg [2021-05-26]

CHR Extension: (InstaG Downloader) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsjnkdcmgmnegofdddphijckfagibepdlb [2018-07-24]

CHR Extension: (mobile browser emulator) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionslbofcampnkjmiomohpbaihdcbjhbfepf [2017-09-11]

CHR Extension: (Unicorn Smasher) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionslfmmeekapjbfjachdkgabdaoccfclpaa [2020-09-14]

CHR Extension: (Wolf Global – Auto Liker 4.1 (Updated)) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsljpdpanbbfdbjohleahjacncdnohialj [2019-12-01]

CHR Extension: (Application Launcher For Drive (by Google)) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-07]

CHR Extension: (TubeBuddy) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsmhkhmbddkmdggbhaaaodilponhnccicb [2021-06-08]

CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsmikhcaiakabeeokmenglcdebplfdjicn [2013-10-18]

CHR Extension: (YSlow) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsninejjcohidippngpapiilnmkgllmakh [2016-11-11]

CHR Extension: (Chrome Web Store Payments) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-07]

CHR Extension: (Twitter Video Downloader) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionsogclodogefbbiblfohagjgdeognjkhfm [2020-01-11]

CHR Extension: (vidIQ Vision for YouTube) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionspachckjkecffpdphbpmfolblodfkgbhl [2021-06-10]

CHR Extension: (Gmail) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionspjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]

CHR Extension: (Chrome Media Router) – C:UsersStudioAppDataLocalGoogleChromeUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-06-05]

CHR Profile: C:UsersStudioAppDataLocalGoogleChromeUser DataGuest Profile [2021-05-26]

CHR Profile: C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1 [2021-05-13]

CHR Extension: (Slides) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2018-10-31]

CHR Extension: (Docs) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionsaohghmighlieiainnegkcijnfilokake [2018-10-31]

CHR Extension: (Google Drive) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-02-28]

CHR Extension: (YouTube) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-31]

CHR Extension: (Sheets) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2018-10-31]

CHR Extension: (Google Docs Offline) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-05-05]

CHR Extension: (Skype) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionslifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-10-31]

CHR Extension: (Application Launcher For Drive (by Google)) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2021-02-28]

CHR Extension: (Chrome Web Store Payments) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-02-28]

CHR Extension: (Gmail) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-02-28]

CHR Extension: (Chrome Media Router) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 1Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-05-05]

CHR Profile: C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2 [2021-04-02]

CHR Extension: (Slides) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-01-04]

CHR Extension: (Docs) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionsaohghmighlieiainnegkcijnfilokake [2020-01-04]

CHR Extension: (Google Drive) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-04-02]

CHR Extension: (YouTube) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-01-04]

CHR Extension: (Sheets) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-01-04]

CHR Extension: (Google Docs Offline) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-02]

CHR Extension: (Skype) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionslifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-01-04]

CHR Extension: (Application Launcher For Drive (by Google)) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2021-04-02]

CHR Extension: (Chrome Web Store Payments) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-04-02]

CHR Extension: (Gmail) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-04-02]

CHR Extension: (Chrome Media Router) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 2Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-02]

CHR Profile: C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3 [2021-04-02]

CHR Extension: (Slides) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2020-03-06]

CHR Extension: (Docs) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionsaohghmighlieiainnegkcijnfilokake [2020-03-06]

CHR Extension: (Google Drive) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-04-02]

CHR Extension: (YouTube) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2020-03-06]

CHR Extension: (Sheets) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2020-03-06]

CHR Extension: (Google Docs Offline) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-04-02]

CHR Extension: (Skype) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionslifbcibllhkdhoafpjfnlhfpfgnpldfl [2020-03-06]

CHR Extension: (Application Launcher For Drive (by Google)) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2021-04-02]

CHR Extension: (Chrome Web Store Payments) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-04-02]

CHR Extension: (Gmail) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-04-02]

CHR Extension: (Chrome Media Router) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 3Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-02]

CHR Profile: C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4 [2021-04-02]

CHR Extension: (Slides) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionsaapocclcgogkmnckokdopfmhonfmgoek [2021-03-30]

CHR Extension: (Docs) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionsaohghmighlieiainnegkcijnfilokake [2021-03-30]

CHR Extension: (Google Drive) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionsapdfllckaahabafndbhieahigkjlhalf [2021-03-30]

CHR Extension: (YouTube) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionsblpcfgokakmgnkcojhhkbfbldkacnbeo [2021-03-30]

CHR Extension: (Sheets) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionsfelcaaldnbdncclmgdcncolpebgiejap [2021-03-30]

CHR Extension: (Google Docs Offline) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionsghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-30]

CHR Extension: (Skype) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionslifbcibllhkdhoafpjfnlhfpfgnpldfl [2021-03-30]

CHR Extension: (Application Launcher For Drive (by Google)) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionslmjegmlicamnimmfhcmpkclmigmmcbeh [2021-03-30]

CHR Extension: (Chrome Web Store Payments) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionsnmmhkkegccagdldgiimedpiccmgmieda [2021-03-30]

CHR Extension: (Gmail) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionspjkljhegncpnkpknbcohdijeoejaedia [2021-03-30]

CHR Extension: (Chrome Media Router) – C:UsersStudioAppDataLocalGoogleChromeUser DataProfile 4Extensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-30]

CHR Profile: C:UsersStudioAppDataLocalGoogleChromeUser DataSystem Profile [2021-05-26]

CHR HKUS-1-5-21-3663378538-2047212209-1910426402-1000SOFTWAREGoogleChromeExtensions…ChromeExtension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]

StartMenuInternet: Google Chrome.PEXX2KVHOY2X2X5A5TOWP26JB4 – C:UsersStudioAppDataLocalGoogleChromeApplicationchrome.exe

VIV Profile: C:UsersStudioAppDataLocalVivaldiUser DataDefault [2019-02-26]

VIV Extension: (Skype) – C:UsersStudioAppDataLocalVivaldiUser DataDefaultExtensionslifbcibllhkdhoafpjfnlhfpfgnpldfl [2019-02-20]

VIV Extension: (Chrome Media Router) – C:UsersStudioAppDataLocalVivaldiUser DataDefaultExtensionspkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-02-20]

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [65432 2013-12-18] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)

S4 AdobeUpdateService; C:Program Files (x86)Common FilesAdobeAdobe Desktop CommonElevationManagerAdobeUpdateService.exe [818136 2018-09-13] (Adobe Systems Incorporated -> Adobe Inc.)

S4 AGMService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGMService.exe [3374160 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)

S4 AGSService; C:Program Files (x86)Common FilesAdobeAdobeGCClientAGSService.exe [3103824 2020-03-04] (Adobe Inc. -> Adobe Systems, Incorporated)

S4 Apple Mobile Device Service; C:Program FilesCommon FilesAppleMobile Device SupportAppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc. -> Apple Inc.)

S4 Asset Management Daemon; C:Program Files (x86)Common FilesPortrait DisplaysPluginsAMdtsslsrv.exe [134624 2016-11-30] (PORTRAIT DISPLAYS, INC. -> )

S4 AsSysCtrlService; C:Program Files (x86)ASUSAsSysCtrlService1.00.02AsSysCtrlService.exe [96896 2011-03-27] (ASUSTeK Computer Inc. -> ASUSTeK Computer Inc.)

S4 DigiRefresh; C:Program FilesAvidPro ToolsMMERefresh.exe [117760 2016-03-25] (Avid Technology, Inc.) [File not signed]

S4 digiSPTIService64; C:Program FilesAvidPro Toolsdigisptiservice64.exe [197632 2016-03-25] (Avid Technology, Inc.) [File not signed]

S4 DTSRVC; C:Program Files (x86)Common FilesPortrait DisplaysShareddtsrvc.exe [142816 2016-11-30] (PORTRAIT DISPLAYS, INC. -> Portrait Displays, Inc.)

S4 Focusrite Control Server; C:Program FilesFocusriteFocusrite ControlServerControlServer.exe [1534976 2020-01-08] (Focusrite Audio Engineering Ltd.) [File not signed]

S4 MacDrive8ServiceD; C:Program FilesMediafourMacDrive 8MacDrive8ServiceD.exe [167424 2009-09-02] (Mediafour Corporation) [File not signed]

S4 MBAMService; C:Program FilesMalwarebytesAnti-MalwareMBAMService.exe [6960640 2019-11-25] (Malwarebytes Inc -> Malwarebytes)

S4 PlexUpdateService; C:Program Files (x86)PlexPlex Media ServerPlex Update Service.exe [1439856 2021-02-23] (Plex, Inc. -> Plex, Inc.)

S4 ss_conn_launcher_service; C:Windowssystem32SamsungEasySetupss_conn_launcher.exe [182120 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S4 ss_conn_service; C:Program FilesSamsungUSB Drivers27_ssconnconnss_conn_service.exe [752224 2019-12-17] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)

S4 ss_conn_service2; C:Program FilesSamsungUSB Drivers28_ssconn2connss_conn_service2.exe [933304 2019-12-17] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)

R2 WinDefend; C:Program FilesWindows Defendermpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

S2 wlidsvc; C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLIDSVC.EXE [2292480 2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

S4 WsAppService3; C:Program Files (x86)WondershareWAF33.0.0.308WsAppService3.exe [83232 2019-06-26] (Wondershare Technology Co.,Ltd -> Wondershare)

S4 WsDrvInst; C:Program Files (x86)WondersharedrfoneLibraryDriverInstallerDriverInstall.exe [130336 2019-12-19] (Wondershare Technology Co.,Ltd -> Wondershare)

S4 PaceLicenseDServices; “C:Program Files (x86)Common FilesPACEServicesLicenseServicesLDSvc.exe” -u hxxps://activation.paceap.com/InitiateActivation

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 7622C635; C:Windowssystem32drivers7622C635.sys [255928 2021-06-10] (Malwarebytes Corporation -> Malwarebytes)

R3 AN983X64; C:WindowsSystem32DRIVERSAN983X64.sys [48128 2005-05-19] (Microsoft Windows Hardware Compatibility Publisher -> Infineon Technologies AG)

S3 androidusb; C:WindowsSystem32Driversandroidusb.sys [32768 2010-04-29] (Microsoft Windows Hardware Compatibility Publisher -> Google Inc)

S3 ASAPIW2K; C:WindowsSysWOW64DriversASAPIW2K.sys [11264 2003-11-28] (Pinnacle Systems GmbH) [File not signed]

S1 AsIO; C:WindowsSysWow64driversAsIO.sys [13440 2011-03-27] (ASUSTeK Computer Inc. -> )

S3 AVID003Rack; C:WindowsSystem32DRIVERSAvid00Rack.sys [516896 2014-02-13] (Avid Technology, Inc. -> Avid)

S3 csrusbfilter; C:WindowsSystem32Driverscsrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Ltd. -> Cambridge Silicon Radio Limited)

S3 dalwdmservice; C:WindowsSystem32driversdalwdm.sys [162832 2008-12-04] (Avid Technology, Inc. -> Digidesign, A Division of Avid Technology, Inc.)

S3 DroidCam; C:WindowsSystem32DRIVERSdroidcam.sys [33592 2015-05-24] (DEV47 APPS -> Dev47Apps)

S3 DroidCamVideo; C:WindowsSystem32DRIVERSdroidcamvideo.sys [229432 2015-05-24] (DEV47 APPS -> Dev47Apps)

S3 FocusritePCIeSwRoot; C:WindowsSystem32DRIVERSFocusritePCIeSwRoot.sys [88080 2016-11-09] (Focusrite Audio Engineering Ltd. -> Focusrite Audio Engineering Ltd.)

S3 FocusriteUSB; C:WindowsSystem32DRIVERSFocusriteUSB.sys [112624 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)

S3 FocusriteUSBSwRoot; C:WindowsSystem32DRIVERSFocusriteUSBSwRoot.sys [92048 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)

S3 FocusriteUSB_AUDIO; C:WindowsSystem32driversFocusriteUSBAudio.sys [53944 2019-08-02] (WDKTestCert builds,131886954661028733 -> Focusrite Audio Engineering Ltd.)

S3 MADFULEGACYKEYBOARD; C:WindowsSystem32DRIVERSMAudioLegacyKeyboard_DFU.sys [28680 2010-02-09] (M-Audio -> M-Audio)

S3 MAUSBLEGACYKEYBOARD; C:WindowsSystem32DRIVERSMAudioLegacyKeyboard.sys [196616 2010-02-09] (M-Audio -> M-Audio)

S3 MAUSBMOBILEPREII; C:WindowsSystem32DRIVERSMAudioMobilePreII.sys [464144 2013-05-23] (Avid Technology, Inc. -> M-Audio)

R3 mbamchameleon; C:Windowssystem32driversMbamChameleon.sys [192952 2021-06-10] (Malwarebytes Corporation -> Malwarebytes)

S0 MDFSYSNT; C:WindowsSystem32DriversMDFSYSNT.sys [333416 2009-09-03] (Mediafour Corporation -> Mediafour Corporation)

R0 MDPMGRNT; C:WindowsSystem32DRIVERSMDPMGRNT.SYS [32352 2009-07-06] (Mediafour Corporation -> Mediafour Corporation)

R3 MTsensor; C:WindowsSystem32DRIVERSASACPI.sys [15416 2011-03-27] (ASUSTeK Computer Inc. -> )

R0 mv91xx; C:WindowsSystem32DRIVERSmv91xx.sys [293416 2010-06-30] (Marvell Semiconductor -> Marvell Semiconductor, Inc.)

S3 Netaapl; C:WindowsSystem32DRIVERSnetaapl64.sys [22528 2012-03-26] (Apple Inc.) [File not signed]

S3 RDID1027; C:WindowsSystem32Driversrdwm1027.sys [81920 2009-09-18] (Roland Corporation -> Roland Corporation)

R1 RegHiveRecovery; C:Windowssystem32driversRegHiveRecovery.sys [48304 2014-02-20] (Microsoft Corporation -> Microsoft Corporation)

S3 RTL8187B; C:WindowsSystem32DRIVERSRTL8187B.sys [416768 2009-06-10] (Microsoft Windows -> Realtek Semiconductor Corporation)

S1 SCDEmu; C:WindowsSystem32DriversSCDEmu.sys [91568 2010-04-12] (Fenghua Lee -> PowerISO Computing, Inc.)

S3 SoundGridMIDI; C:WindowsSystem32driversSoundGridMidi.sys [44088 2018-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Waves Audio Ltd.)

S3 SoundGridMIDI; C:WindowsSysWOW64driversSoundGridMidi.sys [22016 2018-09-03] (Waves Audio Ltd.) [File not signed]

S2 SoundGridProtocol; C:WindowsSystem32DRIVERSSoundGridProtocol.sys [118320 2018-09-03] (Microsoft Windows Hardware Compatibility Publisher -> Waves Audio Ltd.)

S2 SoundGridProtocol; C:WindowsSysWOW64DRIVERSSoundGridProtocol.sys [56832 2018-09-03] (Waves Audio Ltd.) [File not signed]

S3 ssudmdm; C:WindowsSystem32DRIVERSssudmdm.sys [166760 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 ss_conn_usb_driver2; C:WindowsSystem32Driversss_conn_usb_driver2.sys [43368 2019-12-17] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)

S3 tap0901; C:WindowsSystem32DRIVERStap0901.sys [30720 2011-07-13] (OpenVPN Technologies, Inc. -> The OpenVPN Project)

S3 taphss6; C:WindowsSystem32DRIVERStaphss6.sys [42184 2013-06-20] (AnchorFree Inc -> Anchorfree Inc.)

S3 USBAAPL64; C:WindowsSystem32Driversusbaapl64.sys [54784 2015-06-17] (Microsoft Windows Hardware Compatibility Publisher -> Apple, Inc.)

S3 VBAudioVMVAIOMME; C:WindowsSystem32DRIVERSvbaudio_vmvaio64_win7.sys [41192 2018-08-02] (Vincent Burel -> Windows ® Win 7 DDK provider)

R3 vmulti; C:WindowsSystem32DRIVERSvmulti.sys [10752 2020-04-13] (Microsoft Windows Hardware Compatibility Publisher -> Windows ® Win 7 DDK provider)

S3 WDC_SAM; C:WindowsSystem32DRIVERSwdcsam64_prewin8.sys [31920 2018-02-26] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)

S3 WIMMount; C:Program Files (x86)Windows Kits8.1Assessment and Deployment KitDeployment Toolsamd64DISMwimmount.sys [40552 2013-08-22] (Microsoft Corporation -> Microsoft Corporation)

R1 zeonetfilter; C:WindowsSystem32driverszeonetfilter.sys [66112 2018-05-09] (Microsoft Windows Hardware Compatibility Publisher -> NOVNIFY LIMITED.)

S3 Tcpz-x64; ??C:UsersStudioAppDataLocalTempTcpz-x64.sys [X] <==== ATTENTION

S3 WinRing0_1_2_0; ??G:Downloadsopenhardwaremonitor-v0.8.0-betaOpenHardwareMonitorOpenHardwareMonitorLib.sys [X]

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

2064-01-01 13:29 – 2064-01-01 13:29 – 000002892 _____ () C:WindowsSysWOW64audcon.sys

2021-06-10 09:03 – 2021-06-10 09:03 – 000255928 _____ (Malwarebytes) C:Windowssystem32Drivers7622C635.sys

2021-06-10 09:02 – 2021-06-10 09:02 – 000000000 ____D C:UsersStudioDesktopmbar

2021-06-10 08:12 – 2021-06-10 08:12 – 008221696 _____ (Microsoft Corporation) C:UsersStudioAppDataRoamingcliconfg.exe

2021-06-10 08:10 – 2021-06-10 08:10 – 000000000 ____D C:UsersStudioAppDataRoamingPnPUnattend

2021-06-10 08:10 – 2021-06-10 08:10 – 000000000 ____D C:UsersStudioAppDataRoamingnbtstat

2021-06-10 08:10 – 2021-06-10 08:10 – 000000000 ____D C:UsersStudioAppDataRoamingmcbuilder

2021-06-10 08:10 – 2021-06-10 08:10 – 000000000 ____D C:UsersStudioAppDataRoamingdfsrdiag

2021-06-10 08:10 – 2021-06-10 08:09 – 002499584 _____ (Microsoft Corporation) C:UsersStudioAppDataRoamingabcd.exe

2021-06-10 08:09 – 2021-06-10 08:10 – 000000000 ____D C:UsersStudioAppDataRoamingonesa

2021-06-10 08:09 – 2021-06-10 08:09 – 000003596 _____ C:Windowssystem32TasksFirefox Default Browser Agent 7FF2029F3253ECF3

2021-06-10 08:09 – 2021-06-10 08:09 – 000000000 ____D C:UsersStudioAppDataRoamingpcaui

2021-06-10 08:09 – 2021-06-10 08:09 – 000000000 ____D C:UsersStudioAppDataRoamingCached files

2021-05-27 00:46 – 2021-05-27 00:46 – 000000000 ____D C:UsersStudioAppDataRoamingMicrosoftWindowsStart MenuProgramsDropbox

2021-05-26 19:43 – 2021-05-26 19:44 – 000406992 _____ C:WindowsMinidump52621-49452-01.dmp

2021-06-10 11:09 – 2015-10-08 16:42 – 000000000 ____D C:ProgramDataMalwarebytes’ Anti-Malware (portable)

2021-06-10 09:13 – 2019-10-01 22:29 – 000000000 ___HD C:UsersPublicDocumentsAdobeGCData

2021-06-10 09:13 – 2019-10-01 22:29 – 000000000 ___HD C:ProgramDataDocumentsAdobeGCData

2021-06-10 09:03 – 2009-07-14 01:13 – 000782578 _____ C:Windowssystem32PerfStringBackup.INI

2021-06-10 09:02 – 2020-01-29 05:19 – 000192952 _____ (Malwarebytes) C:Windowssystem32DriversMbamChameleon.sys

2021-06-10 08:55 – 2012-08-21 11:59 – 000065536 _____ C:Windowssystem32Ikeext.etl

2021-06-10 08:13 – 2011-03-27 06:03 – 000000000 ____D C:UsersStudioAppDataRoaminguTorrent

2021-06-10 08:12 – 2016-03-27 09:44 – 000000000 ____D C:UsersStudioAppDataLocalCrashDumps

2021-06-10 07:44 – 2015-06-18 18:19 – 000000922 _____ C:WindowsTasksDropboxUpdateTaskUserS-1-5-21-3663378538-2047212209-1910426402-1000UA.job

2021-06-10 05:44 – 2015-06-18 18:19 – 000000870 _____ C:WindowsTasksDropboxUpdateTaskUserS-1-5-21-3663378538-2047212209-1910426402-1000Core.job

2021-06-08 15:06 – 2020-02-05 10:51 – 000016560 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2021-06-08 15:06 – 2020-02-05 10:51 – 000016560 ____H C:Windowssystem327B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2021-06-08 14:50 – 2018-04-15 18:53 – 000000000 ____D C:UsersStudioAppDataLocalPlex Media Server

2021-06-08 13:42 – 2011-03-27 09:06 – 000300288 _____ C:UsersStudioAppDataLocalGDIPFONTCACHEV1.DAT

2021-06-08 13:42 – 2009-07-14 00:45 – 005984560 _____ C:Windowssystem32FNTCACHE.DAT

2021-05-27 00:47 – 2011-04-11 21:58 – 000000000 ____D C:UsersStudioAppDataRoamingDropbox

2021-05-26 19:25 – 2016-07-21 15:54 – 000002435 _____ C:UsersStudioAppDataRoamingMicrosoftWindowsStart MenuProgramsGoogle Chrome.lnk

2021-06-10 08:10 – 2021-06-10 08:09 – 002499584 _____ (Microsoft Corporation) C:UsersStudioAppDataRoamingabcd.exe

2011-04-12 13:40 – 2011-10-11 11:28 – 000000132 _____ () C:UsersStudioAppDataRoamingAdobe BMP Format CS5 Prefs

2017-03-09 16:23 – 2017-03-09 16:25 – 000000132 _____ () C:UsersStudioAppDataRoamingAdobe BMP Format CS6 Prefs

2013-12-17 10:51 – 2017-01-30 17:20 – 000000132 _____ () C:UsersStudioAppDataRoamingAdobe GIF Format CS6 Prefs

2013-12-09 15:50 – 2017-01-06 08:31 – 000000132 _____ () C:UsersStudioAppDataRoamingAdobe IllExport Filter CS6 Prefs

2011-04-05 17:37 – 2013-02-05 17:16 – 000000132 _____ () C:UsersStudioAppDataRoamingAdobe PNG Format CS5 Prefs

2013-02-05 18:37 – 2018-08-16 17:47 – 000000132 _____ () C:UsersStudioAppDataRoamingAdobe PNG Format CS6 Prefs

2020-01-15 00:18 – 2020-01-02 23:33 – 000041112 ___SH (Microsoft Corporation) C:UsersStudioAppDataRoamingbcwgree

2020-02-14 12:49 – 2020-02-14 12:49 – 000027336 _____ () C:UsersStudioAppDataRoamingComma Separated Values (Windows).ADR

2020-01-15 00:18 – 2020-01-02 23:33 – 000248375 ___SH () C:UsersStudioAppDataRoaminghwwcacj

2019-12-02 22:06 – 2020-09-07 10:50 – 000000028 _____ () C:UsersStudioAppDataRoamingkulerdata.json

2014-05-29 13:44 – 2014-05-29 13:44 – 000000248 _____ () C:UsersStudioAppDataRoamingltpReg.txt

2018-08-08 15:26 – 2020-07-23 15:06 – 000000032 _____ () C:UsersStudioAppDataRoamingmsregsvv.dll

2016-05-06 07:22 – 2006-11-30 14:49 – 000368640 _____ (Propellerhead Software AB) C:UsersStudioAppDataRoamingReWire.dll

2016-05-06 07:22 – 2006-11-30 14:49 – 000233472 _____ (Propellerhead Software AB) C:UsersStudioAppDataRoamingREX Shared Library.dll

2013-10-19 09:46 – 2013-10-19 09:46 – 000001275 _____ () C:UsersStudioAppDataRoamingSAS7_000.DAT

2018-08-02 19:39 – 2020-03-30 06:55 – 000004590 _____ () C:UsersStudioAppDataRoamingVoiceMeeterDefault.xml

2016-08-22 18:02 – 2016-08-22 18:02 – 000000047 _____ () C:UsersStudioAppDataRoamingWB.CFG

2013-12-17 11:10 – 2019-02-22 17:26 – 000001456 _____ () C:UsersStudioAppDataLocalAdobe Save for Web 13.0 Prefs

2011-05-28 14:53 – 2019-10-22 11:32 – 000012288 _____ () C:UsersStudioAppDataLocalDCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2018-12-27 09:06 – 2020-02-04 15:08 – 000000081 _____ () C:UsersStudioAppDataLocalFILM_AE_LogFile.txt

2018-09-27 02:00 – 2019-11-11 22:26 – 000002460 _____ () C:UsersStudioAppDataLocaloobelibMkey.log

2014-04-11 17:25 – 2018-07-07 07:48 – 000000600 _____ () C:UsersStudioAppDataLocalPUTTY.RND

2011-04-25 11:04 – 2020-03-30 11:07 – 000007606 _____ () C:UsersStudioAppDataLocalResmon.ResmonCfg

2015-10-07 15:37 – 2015-10-07 15:37 – 000982016 _____ (Robert Simpson, et al.) C:UsersStudioAppDataLocalSystem.Data.SQLite.dll

2011-11-21 07:12 – 2011-11-21 07:14 – 000000000 _____ () C:UsersStudioAppDataLocal{46991482-5313-473E-BB82-CAB55F0A16CC}

2011-11-21 07:14 – 2011-11-21 07:14 – 000000000 _____ () C:UsersStudioAppDataLocal{A6F03F9A-8253-419A-A674-67D54F169533}

safeboot: Minimal => The system is configured to boot to Safe Mode <==== ATTENTION

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-06-2021

Ran by Studio (10-06-2021 11:16:32)

Running from G:Downloads

Windows 7 Ultimate Service Pack 1 (X64) (2011-03-27 01:47:24)

Boot Mode: Safe Mode (with Networking)

==========================================================

 

 

==================== Accounts: =============================

 

27E11E55ED874810B495 (S-1-5-21-3663378538-2047212209-1910426402-1015 – Limited – Enabled)

Administrator (S-1-5-21-3663378538-2047212209-1910426402-500 – Administrator – Disabled)

D2EAF56527BC496C9792 (S-1-5-21-3663378538-2047212209-1910426402-1013 – Limited – Enabled)

Guest (S-1-5-21-3663378538-2047212209-1910426402-501 – Limited – Enabled)

HomeGroupUser$ (S-1-5-21-3663378538-2047212209-1910426402-1007 – Limited – Enabled)

Studio (S-1-5-21-3663378538-2047212209-1910426402-1000 – Administrator – Enabled) => C:UsersStudio

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AS: Windows Defender (Enabled – Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…uTorrent) (Version: 3.4.1.31139 – BitTorrent Inc.)

AAS – Lounge Lizard EP-4 (HKLM-x32…Lounge Lizard EP-4) (Version:  – Applied Acoustics Systems)

Adobe After Effects CC 2019 (HKLM-x32…AEFT_16_0) (Version: 16.0 – Adobe Systems Incorporated)

Adobe Bridge CC 2019 (HKLM-x32…KBRG_9_0) (Version: 9.0 – Adobe Systems Incorporated)

Adobe Creative Cloud (HKLM-x32…Adobe Creative Cloud) (Version: 3.7.0.270 – Adobe Systems Incorporated)

Adobe Illustrator CC 2019 (HKLM-x32…ILST_23_0_0_530) (Version: 23.0 – Adobe Systems Incorporated)

Adobe Media Encoder CC 2019 (HKLM-x32…AME_13_0) (Version: 13.0 – Adobe Systems Incorporated)

Adobe Media Player (HKLM-x32…com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 – Adobe Systems Incorporated)

Adobe Photoshop 2021 Patch (HKLM-x32…{86AB4DA9-6987-419F-A237-66EB38496854}) (Version: 1.0.0 – OSTeam)

Adobe Photoshop CC 2019 (HKLM-x32…PHSP_20_0_1) (Version: 20.0.1 – Adobe Systems Incorporated)

Adobe Pixel Bender Toolkit 2 (HKLM-x32…{D5CC77BE-BC5B-424E-8E45-DF60AFF7BE9C}) (Version: 2.0 – Adobe Systems Incorporated)

Adobe Premiere Pro CC 2019 (HKLM-x32…PPRO_13_0) (Version: 13.0 – Adobe Systems Incorporated)

Adobe Reader X (10.1.9) (HKLM-x32…{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.9 – Adobe Systems Incorporated)

Adobe Story (HKLM-x32…com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 – Adobe Systems Incorporated)

Adobe Update Management Tool (HKLM-x32…{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 8.0 – PainteR)

aescripts + aeplugins components (HKLM-x32…{58C0BFF8-3511-4EF6-A2B9-D7E85220F3C4}) (Version: 1.0.0.0 – aescripts + aeplugins)

AI Suite (HKLM-x32…{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.20 – )

Alesis VI49 Editor (HKLM-x32…{48938710-E602-4746-AA5C-1A2AA3C0F0CB}) (Version: 1.0.1 – Alesis)

Ample Bass J II version 2.2.0 (HKLM-x32…{04C42F03-37A2-481A-8D1B-9F03164B23CA}_is1) (Version: 2.2.0 – Ample Sound Technology Co., Ltd.)

Ample Bass P II version 2.6.5 (HKLM-x32…{1C181D3B-41B6-4714-AB59-91E18C5EE708}_is1) (Version: 2.6.5 – Ample Sound Technology Co., Ltd.)

Ample Guitar F II version 2.0.2 (HKLM-x32…{26ABCDDF-80B4-409D-B169-400C54E6E1C0}_is1) (Version: 2.0.2 – Ample Sound Technology Co., Ltd.)

Ample Guitar T II version 2.1.0 (HKLM-x32…{548F88E8-79D2-441F-B87B-E71754257651}_is1) (Version: 2.1.0 – Ample Sound Technology Co., Ltd.)

Ample Metal Ray5 II version 2.2.0 (HKLM-x32…{3272F255-346F-4D4A-8E6D-9AD5D927D79A}_is1) (Version: 2.2.0 – Ample Sound Technology Co., Ltd.)

Android Studio (HKLM…Android Studio) (Version: 3.4 – Google LLC)

Antares Autotune Evo VST RTAS v6.0.9 (HKLM-x32…Antares Autotune Evo VST RTAS_is1) (Version:  – )

Apple Application Support (32-bit) (HKLM-x32…{D079CAAD-0C31-47A2-9AF5-A82F9CD9B221}) (Version: 5.2 – Apple Inc.)

Apple Application Support (64-bit) (HKLM…{64E6007B-1DA9-42CD-BBE4-D5FA67A7C71D}) (Version: 5.2 – Apple Inc.)

Apple Mobile Device Support (HKLM…{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 – Apple Inc.)

Apple Software Update (HKLM-x32…{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 – Apple Inc.)

Arturia V Collection 5 (HKLM…V Collection 5_is1) (Version: 5.3.0 – Arturia)

ASAPI (HKLM-x32…{8A7E941F-2BB4-47D0-B732-8AE5F3513B68}) (Version: 6.0.0 – Pinnacle Systems GmbH)

ASIO4ALL (HKLM-x32…ASIO4ALL) (Version: 2.14 – Michael Tippach)

Assessments on Client (HKLM-x32…{C1C83898-5A60-AE9D-A3AB-7534375CA453}) (Version: 8.100.26866 – Microsoft) Hidden

Audacity 2.3.2 (HKLM-x32…Audacity_is1) (Version: 2.3.2 – Audacity Team)

Authorizer 1.0.2 (HKLM-x32…Authorizer_is1) (Version: 1.0.2 – Propellerhead Software AB)

Authorizer Ignition Key Support (HKLM…{82078B7A-9C6F-4DB5-8201-FF1007073B63}) (Version: 1.0.0.0 – Propellerhead Software AB) Hidden

AviSynth 2.6 (HKLM-x32…AviSynth) (Version: 2.6.0.4 – GPL Public release.)

Backmask version 1.0 (HKLM…{8A6411FB-7E85-4B61-9624-C624C89B9A07}_is1) (Version: 1.0 – Freakshow Industries)

Backup and Sync from Google (HKLM…{3CBE1074-3A4F-4BA6-95E3-7A660B54FE33}) (Version: 3.55.3625.9414 – Google, Inc.)

Blue Cat’s PatchWork AAX-x64 (v2.2) (HKLM…{3E527A0C-2F01-409b-B830-DF91BD9BEDA3}) (Version: 2.2 – Blue Cat Audio)

Bonjour (HKLM…{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 – Apple Inc.)

Boris Continuum Complete 9 OFX for Sony (64-Bit) (HKLM…{3DF67BF0-17E8-4537-951C-758102AB87F7}) (Version: 9.0.2005 – Boris FX, Inc.)

BorisFX Sapphire OFX (HKLM…GenArts Sapphire OFX_is1) (Version: 11.0.1 – Team V.R)

Camtasia 9 (HKLM…{B8A4CB7E-7F5B-484F-A127-E4431000EDCE}) (Version: 9.0.4.1948 – TechSmith Corporation) Hidden

Camtasia 9 (HKLM-x32…{5957dd25-bb4e-4234-9dc0-b3e10a70f636}) (Version: 9.0.4.1948 – TechSmith Corporation)

CCleaner (HKLM…CCleaner) (Version: 5.20 – Piriform)

Celemony Melodyne 4 (HKLM…Melodyne 4_is1) (Version: 4.2.1.003 – Celemony)

CopyTrans Suite Remove Only (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…CopyTrans Suite) (Version: 4.008 – WindSolutions)

CPUID CPU-Z 1.86 (HKLM…CPUID CPU-Z_is1) (Version: 1.86 – CPUID, Inc.)

Custom Shop version 1.8.0 (HKLM-x32…{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.8.0 – IK Multimedia)

CutePDF Writer 3.0 (HKLM…CutePDF Writer Installation) (Version:  3.0 – CutePDF.com)

D3DX10 (HKLM-x32…{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 – Microsoft) Hidden

DatPiff Plays Increaser 1.994 (HKLM-x32…{4983E945-479E-4882-8AD6-52F228B6B326}_is1) (Version:  – )

Devious Machines Duck (HKLM…Duck_is1) (Version: 1.0.13 – Devious Machines)

Devious Machines Pitch Monster (HKLM…Pitch Monster_is1) (Version: 1.0.18 – Devious Machines)

Devious Machines Texture (HKLM…Texture_is1) (Version: 1.5.15 – Devious Machines)

Digidesign HFS+ Disk Support (HKLM…{F8EFEC11-933A-4F67-AB51-773293FA20BB}) (Version: 8.0.2.3 – Digidesign, A Division of Avid Technology, Inc.)

dr.fone (Version 10.1.1) (HKLM-x32…{E8F86DA8-B8E4-42C7-AFD4-EBB692AC43FD}_is1) (Version: 10.1.1.74 – Wondershare Technology Co.,Ltd.)

Dropbox (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…Dropbox) (Version: 123.4.4832 – Dropbox, Inc.)

DumpsterFire version 1.01 (HKLM…{B2F19491-19F8-4116-966F-06B581001600}}_is1) (Version: 1.01 – Freakshow Industries)

DUNE 2 (HKLM-x32…DUNE 2_is1) (Version:  – Synapse Audio Software)

eLicenser Control (HKLM-x32…eLicenser Control) (Version: 6.11.3.1229 – Steinberg Media Technologies GmbH)

EVGA Precision 2.0.2 (HKLM-x32…Precision) (Version: 2.0.2 – EVGA Corporation)

Expresso (HKLM-x32…{E3EB518B-A8D0-4C86-847C-A86AF0FC8D11}) (Version: 3.0.4334 – Ultrapico)

FabFilter Total Bundle (HKLM…Total Bundle_is1) (Version: 2018.02.22 – FabFilter)

Farfisa V (HKLM…Farfisa V_is1) (Version: 1.3.0.1391 – Arturia & Team V.R)

FastPictureViewer Codec Pack 3.8.0.96 (HKLM-x32…{BFE9CBED-9536-4D1C-AE35-B7DDC1AD79B6}) (Version: 3.8.0.96 – Axel Rietschin Software Developments)

FileZilla Client 3.43.0 (HKLM-x32…FileZilla Client) (Version: 3.43.0 – Tim Kosse)

FL Studio 20 (HKLM-x32…FL Studio 20) (Version:  – Image-Line)

FL Studio ASIO (HKLM-x32…FL Studio ASIO) (Version:  – Image-Line)

Focusrite Control 3.5.0.1754 (HKLM…Focusrite Control_is1) (Version: 3.5.0.1754 – Focusrite Audio Engineering Ltd.)

Focusrite Thunderbolt 4.25.0.335 (HKLM…Focusrite Thunderbolt_is1) (Version: 4.25.0.335 – Focusrite Audio Engineering Ltd.)

Focusrite USB 4.63.24.564 (HKLM…Focusrite USB_is1) (Version: 4.63.24.564 – Focusrite Audio Engineering, Ltd.)

FontBase 2.13.2 (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…ffc1e284-e25b-515d-b453-93eb9fe955eb) (Version: 2.13.2 – Dominik Levitsky Studio, LLC)

Google Chrome (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…Google Chrome) (Version: 91.0.4472.77 – Google LLC)

Google Update Helper (HKLM-x32…{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 – Google Inc.) Hidden

Google Video Support Plugin (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 19.12.1000.0 – Google, LLC.)

Grace 64bit 1.0.4.9 (HKLM…Grace_is1) (Version:  – One Small Clue)

GSA Search Engine Ranker v10.70 (HKLM-x32…GSA Search Engine Ranker_is1) (Version: 10.70 – GSA Software)

Haali Media Splitter (HKLM-x32…HaaliMkx) (Version:  – )

HalfTime 1.0.1 (HKLM…HalfTime_is1) (Version: 1.0.1 – CableGuys & Team V.R)

Heatup3 (HKLM-x32…{InitialAudio-Heatup3}) (Version: 3.0.3 – Initial Audio)

HP Display Assistant (HKLM-x32…{17B371B7-740F-4C83-BDFE-0C3A2C585103}) (Version: 3.20.016 – Portrait Displays, Inc.)

iCloud (HKLM…{4BB313CE-D3D1-424C-8823-15CF85B00B05}) (Version: 6.1.0.30 – Apple Inc.)

IG Scraper Limited version 1.5 (HKLM-x32…{5A13B098-503D-4C8E-976E-EF9605E26A53}_is1) (Version: 1.5 – xbox-clips.com, Inc.)

IK Multimedia Authorization Manager version 1.0.19 (HKLM…{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.19 – IK Multimedia)

IL Gross Beat (HKLM-x32…IL Gross Beat) (Version:  – Image-Line)

ImgBurn (HKLM-x32…ImgBurn) (Version: 2.5.8.0 – LIGHTNING UK!)

Inspyder Backlink Monitor (HKLM…{FD161119-FE24-443D-AD08-E269522F88EC}_is1) (Version:  – Inspyder Software Inc.)

Intel® C++ Redistributables on IA-32 (HKLM-x32…{7858618B-FA45-4797-988D-4E8B793C3B88}) (Version: 17.0.109 – Intel Corporation)

Intel® C++ Redistributables on Intel® 64 (HKLM-x32…{A7D3C4B3-2CA8-46F3-9C34-63205AC018FF}) (Version: 17.0.109 – Intel Corporation)

Intel® Hardware Accelerated Execution Manager (HKLM…{7516A945-5FC4-4563-8F5E-EECDBF61E84F}) (Version: 7.5.1 – Intel Corporation)

Interlok driver setup x64 (HKLM…{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.9.0 – PACE Anti-Piracy, Inc.)

iTunes (HKLM…{81C96689-EA5B-4B7D-A04F-16326EC51BC2}) (Version: 12.5.4.42 – Apple Inc.)

iZotope RX 7 Audio Editor Advanced (HKLM…RX 7 Audio Editor Advanced_is1) (Version: 7.00 – iZotope & Team V.R)

Jarvee (HKLM-x32…{9D1EA30B-26FB-4FD9-BE37-0927E7E6F315}) (Version: 14.1.7 – Jarvee) Hidden

Jarvee (HKLM-x32…Jarvee 14.1.7) (Version: 14.1.7 – Jarvee)

Java 8 Update 171 (64-bit) (HKLM…{26A24AE4-039D-4CA4-87B4-2F64180171F0}) (Version: 8.0.1710.11 – Oracle Corporation)

Java 8 Update 171 (HKLM-x32…{26A24AE4-039D-4CA4-87B4-2F32180171F0}) (Version: 8.0.1710.11 – Oracle Corporation)

Java™ SE Development Kit 7 Update 3 (64-bit) (HKLM…{64A3A4F4-B792-11D6-A78A-00B0D0170030}) (Version: 1.7.0.30 – Oracle)

JavaFX 2.0.3 (64-bit) (HKLM…{1111706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 – Oracle Corporation)

JavaFX 2.0.3 SDK (64-bit) (HKLM…{2222706F-666A-4037-7777-203648764D10}) (Version: 2.0.3 – Oracle Corporation)

join.me (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…JoinMe) (Version: 3.4.0.5369 – LogMeIn, Inc.)

KENWOOD Music Editor Light (HKLM-x32…{B58B86DE-CBCE-45B4-B45F-39849AEAF2FB}) (Version: 1.2 – JVCKENWOOD Corporation)

Kits Configuration Installer (HKLM-x32…{B74E65FD-CC47-41C5-4B89-791A3F61942D}) (Version: 8.100.25984 – Microsoft) Hidden

K-Lite Codec Pack 7.2.0 (Standard) (HKLM-x32…KLiteCodecPack_is1) (Version: 7.2.0 – )

Kontakt 5 NO INSTALL (HKLM…{4B3E0D95-3270-4B88-9EDE-A065680EF65C}_is1) (Version: 5.8.0.36 – Native Instruments)

Log Parser 2.2 (HKLM-x32…{4AC23178-EEBC-4BAF-8CC0-AB15C8897AC9}) (Version: 2.2.10 – Microsoft Corporation)

Magic Bullet Suite v13.0.6 (HKLM-x32…{99487911-8011-42BC-B594-8B02BFD32B1D}_is1) (Version: 13.0.6 – Red Giant, LLC)

MagicYUV Lossless Video Codec version 1.1 (HKLM-x32…{90410593-E0EB-4F9B-B984-65BEA8F07B91}_is1) (Version: 1.1 – INNOMAGIC Bt.)

Malwarebytes version 4.0.4.49 (HKLM…{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 – Malwarebytes)

marvell 91xx driver (HKLM-x32…MagniDriver) (Version: 1.0.0.1042 – Marvell)

M-Audio Legacy Keyboard Driver 5.0.0 (x64) (HKLM…{2CA9F96F-AFFC-4D41-B781-47EBD2378DB8}) (Version: 5.0.0 – M-Audio)

Microsoft .NET Framework 4.8 (HKLM…{92FB6C44-E685-45AD-9B20-CADF4CABA132} – 1033) (Version: 4.8.03761 – Microsoft Corporation)

Microsoft LifeCam (HKLM…{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 – Microsoft Corporation)

Microsoft Office Professional Plus 2010 (HKLM-x32…Office14.PROPLUS) (Version: 14.0.4734.1000 – Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32…{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable – x64 8.0.61000 (HKLM…{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 – Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable – x86 8.0.61001 (HKLM-x32…{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x64 9.0.30729.6161 (HKLM…{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable – x86 9.0.30729.6161 (HKLM-x32…{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 – Microsoft Corporation)

Microsoft Visual C++ 2010 Redistributable – x64 10.0.40219 (HKLM…{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2010 Redistributable – x86 10.0.40219 (HKLM-x32…{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 – Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) – 11.0.61030 (HKLM-x32…{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 – Корпорация Майкрософт)

Microsoft Visual C++ 2012 Redistributable (x86) – 11.0.61030 (HKLM-x32…{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 – Корпорация Майкрософт)

Microsoft Visual C++ 2013 Redistributable (x64) – 12.0.40664 (HKLM-x32…{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 – Корпорация Майкрософт)

Microsoft Visual C++ 2013 Redistributable (x86) – 12.0.40664 (HKLM-x32…{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 – Корпорация Майкрософт)

Microsoft Visual C++ 2015-2019 Redistributable (x86) – 14.24.28127 (HKLM-x32…{e31cb1a4-76b5-46a5-a084-3fa419e82201}) (Version: 14.24.28127.4 – Microsoft Corporation)

Microsoft Visual C++ 2017 Redistributable (x64) – 14.16.27027 (HKLM-x32…{fd9b6070-d13e-45dc-819b-41806bf45b6b}) (Version: 14.16.27027.1 – Microsoft Corporation)

Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM…Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 – Microsoft Corporation)

Miroslav Philharmonik (HKLM-x32…{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.0.0 – IK Multimedia)

Miroslav Philharmonik 2 version 2.0.5 (HKLM…{CF8EE134-AD62-4D47-81A5-A42CAE3B1710}_is1) (Version: 2.0.5 – IK Multimedia)

Movie Maker (HKLM-x32…{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 – Microsoft Corporation) Hidden

Movie Maker (HKLM-x32…{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 – Microsoft Corporation) Hidden

Mozilla Firefox 86.0.1 (x64 en-US) (HKLM…Mozilla Firefox 86.0.1 (x64 en-US)) (Version: 86.0.1 – Mozilla)

Mozilla Maintenance Service (HKLM-x32…MozillaMaintenanceService) (Version: 86.0.1.7739 – Mozilla)

Mp3tag v3.00 (HKLM-x32…Mp3tag) (Version: 3.00 – Florian Heidenreich)

MSXML 4.0 SP2 (KB954430) (HKLM-x32…{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 – Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32…{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 – Microsoft Corporation)

MSXML 4.0 SP2 Parser and SDK (HKLM-x32…{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 – Microsoft Corporation)

MusicBrainz Picard (HKLM-x32…MusicBrainz Picard) (Version: 2.2.2 – MusicBrainz)

Native Instruments Kinetic Toys (HKLM-x32…Native Instruments Kinetic Toys) (Version: 1.0.0.39 – Native Instruments)

Native Instruments Passive EQ (HKLM-x32…Native Instruments Passive EQ) (Version: 1.3.0.1145 – Native Instruments)

Native Instruments Service Center (HKLM-x32…Native Instruments Service Center) (Version: 2.6.0.137 – Native Instruments)

Node.js (HKLM…{B6F2F882-2B4A-4AC0-8BD5-BF6F087A7F01}) (Version: 12.15.0 – Node.js Foundation)

Notepad++ (HKLM-x32…Notepad++) (Version: 6.1.3 – )

NVIDIA 3D Vision Controller Driver 390.41 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 – NVIDIA Corporation)

NVIDIA 3D Vision Driver 391.35 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 – NVIDIA Corporation)

NVIDIA GeForce Experience 3.16.0.122 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 – NVIDIA Corporation)

NVIDIA Graphics Driver 391.35 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 – NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.36.6 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 – NVIDIA Corporation)

NVIDIA PhysX System Software 9.17.0524 (HKLM…{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 – NVIDIA Corporation)

OBS Studio (HKLM-x32…OBS Studio) (Version: 23.0.0 – OBS Project)

obs-asio (HKLM-x32…obs-asio) (Version:  – )

Octoparse 8.2.2 (HKLM…{12f8f786-7629-5a71-b8b2-885a2a74fa6d}) (Version: 8.2.2 – Octopus Data Inc.)

Ozone 8 Advanced (HKLM-x32…Ozone 8) (Version: 8.00 – iZotope, Inc.)

PACE License Support Win64 (HKLM…{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 – PACE Anti-Piracy, Inc.) Hidden

PACE License Support Win64 (HKLM-x32…InstallShield_{83E92696-D92D-4c7e-B094-0BE853B191FE}) (Version: 2.5.2.1034 – PACE Anti-Piracy, Inc.)

PCR Driver (HKLM…RolandRDID0027) (Version:  – Roland Corporation)

PE-DESIGN 10 (Trial Version) (HKLM-x32…{48BE5394-566D-4166-A00E-6426A497AE15}) (Version: 10.01.0000 – Brother Industries, Ltd.)

Pentablet version 1.6.4.210111 (HKLM…{5DAB8C1A-6D8E-467D-BE62-AC13087AA950}_is1) (Version: 1.6.4.210111 – )

Plex Media Server (HKLM-x32…{4d99a028-68e9-44ef-bd17-e79275ca6c49}) (Version: 1.21.4.4079 – Plex, Inc.)

Plex Media Server (HKLM-x32…{8814C965-46C7-4ACE-A890-B32E7517ACAD}) (Version: 1.21.4079 – Plex, Inc.) Hidden

Plugin Boutique Scaler (HKLM…Scaler_is1) (Version: 1.2.0 – Plugin Boutique)

PowerISO (HKLM-x32…PowerISO) (Version: 4.7 – PowerISO Computing, Inc.)

PxMergeModule (HKLM-x32…{024521CF-C07E-4F8E-8481-0D75695E03AF}) (Version: 1.00.0000 – Your Company Name) Hidden

QuickTime 7 (HKLM-x32…{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 – Apple Inc.)

Realtek 8136 8168 8169 Ethernet Driver (HKLM-x32…{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0005 – Realtek)

REAPER (x64) (HKLM…REAPER) (Version:  – )

Reason 5.0 (HKLM-x32…Reason5_is1) (Version: 5.0 – Propellerhead Software AB)

Record 1.5 (HKLM-x32…Record1.5_is1) (Version: 1.5 – Propellerhead Software AB)

Record Ignition Key Support (HKLM…{799A2570-329C-4BFC-8207-5951EE1326C4}) (Version: 1.0.0.0 – Propellerhead Software AB) Hidden

ReCycle 2.2 (HKLM…ReCycle2.2_64_is1) (Version: 2.2 – Propellerhead Software AB)

Red 2 & Red 3 Plug-in Suite version 1.1 (HKLM…Red 2 & Red 3 Plug-in Suite_is1) (Version: 1.1 – Focusrite Audio Engineering Limited)

reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32…reFX Nexus_is1) (Version:  – )

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32…{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 – Renesas Electronics Corporation) Hidden

Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32…InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.4.0 – Renesas Electronics Corporation)

Reverse (HKLM-x32…{Reverse-InitialAudio}) (Version: 1.0.3 – Initial Audio)

Revo Uninstaller 2.1.0 (HKLM…{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.1.0 – VS Revo Group, Ltd.)

Roland VS JUNO-106 (HKLM…JUNO-106_is1) (Version: 1.0.4 – Roland VS)

Rosetta Stone Version 3 (HKLM-x32…{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 – Rosetta Stone Ltd.)

Samsung DeX (HKLM-x32…{0924F03B-F48D-445B-9302-43E86707EC8B}) (Version: 1.0.1.40 – Samsung Electronics Co., Ltd.) Hidden

Samsung DeX (HKLM-x32…{e539e534-854a-46d2-b8f8-f6a3405f782a}) (Version: 1.0.1.40 – Samsung Electronics Co., Ltd.)

Samsung USB Driver for Mobile Phones (HKLM…{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.23.0 – Samsung Electronics Co., Ltd.)

SDK (HKLM-x32…{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 3.02.002 – Portrait Displays, Inc.) Hidden

SketchUp 2017 (HKLM…{F1E181BD-01D6-4754-92CC-DB8C259B9B28}) (Version: 17.0.18899 – Trimble, Inc.)

Skype Click to Call (HKLM-x32…{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 – Microsoft Corporation)

Sndbad Shaders 1.04 (HKLM-x32…Sndbad Shaders 1.04) (Version: 1.04 – Sndbad)

Sp5 (HKLM-x32…{560F47F7-EB23-44B1-AAFC-667F1CD8FE5C}) (Version: 5.1.4324.0 – Microsoft) Hidden

Sp5Intl (HKLM-x32…{FD4B33E1-24AE-4535-AA7B-162B30FB57CD}) (Version: 5.1.4324.0 – Microsoft) Hidden

Sp5TTInt (HKLM-x32…{E415C943-37E5-473F-8BAE-043C56734124}) (Version: 5.1.4324.0 – Microsoft) Hidden

SpCommon (HKLM-x32…{6C3959C6-943E-44B3-BAAD-570B04B134E5}) (Version: 5.1.4324.0 – Microsoft) Hidden

Spotify (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…Spotify) (Version: 1.1.16.522.g55a4b852 – Spotify AB)

SpPhones (HKLM-x32…{4DFF1415-4C29-44A8-BFD4-2BCE249C4991}) (Version: 6.0.3122.0 – Microsoft) Hidden

Steinberg Cubase 5 (HKLM-x32…{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}) (Version: 5.1.2 – Steinberg Media Technologies GmbH)

Steinberg Drum Loop Expansion 01 (HKLM-x32…{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 1.0.0.1 – Steinberg Media Technologies GmbH)

Steinberg Groove Agent ONE Content (HKLM-x32…{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 – Steinberg Media Technologies GmbH)

Steinberg HALionOne (HKLM-x32…{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 – Steinberg Media Technologies GmbH)

Steinberg HALionOne Additional Content Set 01 (HKLM-x32…{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 – Steinberg Media Technologies GmbH)

Steinberg HALionOne Expression Set (HKLM-x32…{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 – Steinberg Media Technologies GmbH)

Steinberg HALionOne GM Drum Set (HKLM-x32…{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 – Steinberg Media Technologies GmbH)

Steinberg HALionOne GM Set (HKLM-x32…{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 – Steinberg Media Technologies GmbH)

Steinberg HALionOne Pro Set (HKLM-x32…{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 – Steinberg Media Technologies GmbH)

Steinberg HALionOne Studio Set (HKLM-x32…{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 – Steinberg Media Technologies GmbH)

Steinberg LoopMash Content (HKLM-x32…{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 1.0.0.005 – Steinberg Media Technologies GmbH)

Steinberg REVerence Content 01 (HKLM-x32…{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 1.0.0.006 – Steinberg Media Technologies GmbH)

Steinberg WaveLab Elements 9 64bit (HKLM…{82A66F09-F05F-4891-925A-DA9DFD84F46B}) (Version: 9.0.25 – Steinberg Media Technologies GmbH)

Stopping Plex (HKLM-x32…{BBCC35B6-3657-41A4-A961-3BD807F9F381}) (Version: 1.21.4079 – Plex, Inc.) Hidden

Sugar Bytes Effectrix 1.4.3 (HKLM…Effectrix_is1) (Version: 1.4.3 – Sugar Bytes)

Sugar Bytes TransVST 1.0 (HKLM…TransVST_is1) (Version: 1.0 – Sugar Bytes)

Swift 3D v6.00 (HKLM-x32…{65EEA363-8D47-4268-BBCE-85CD54ACDC15}) (Version: 6.00.0000 – Electric Rain, Inc.)

TDR Nova version 2.1.0 (HKLM…TDR Nova_is1) (Version: 2.1.0 – Tokyo Dawn Labs)

TEAM R2R Roland Cloud Emulator (HKLM…Roland Cloud Emulator_is1) (Version: 1.1.0 – TEAM R2R)

Telegram Desktop version 2.2 (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 2.2 – Telegram FZ-LLC)

Toolkit Documentation (HKLM-x32…{6C870B12-6FF2-68FC-8C3B-DD177BBF3F92}) (Version: 8.100.26866 – Microsoft) Hidden

Topaz Adjust 5 (HKLM-x32…Topaz Adjust 5) (Version: 5.2.0 – Topaz Labs, LLC)

Topaz B&W Effects (HKLM-x32…Topaz BW Effects 2) (Version: 2.1.0 – Topaz Labs, LLC)

Topaz Clarity (HKLM-x32…Topaz Clarity) (Version: 1.1.0 – Topaz Labs, LLC)

Topaz Clean 3 (HKLM-x32…Topaz Clean 3) (Version: 3.2.0 – Topaz Labs, LLC)

Topaz DeJpeg 4 (HKLM-x32…Topaz DeJpeg 4) (Version: 4.1.0 – Topaz Labs, LLC)

Topaz DeNoise 6 (HKLM-x32…Topaz DeNoise 6) (Version: 6.0.1 – Topaz Labs, LLC)

Topaz Detail 3 (HKLM-x32…Topaz Detail 3) (Version: 3.3.0 – Topaz Labs, LLC)

Topaz Fusion Express 2 (HKLM-x32…Topaz Fusion Express 2) (Version: 2.1.3 – Topaz Labs, LLC)

Topaz Glow 2 (HKLM…Topaz Glow 2) (Version: 2.0.0 – Topaz Labs, LLC)

Topaz Impression 2 (HKLM-x32…Topaz Impression 2) (Version: 2.0.5 – Topaz Labs, LLC)

Topaz InFocus (HKLM-x32…Topaz InFocus) (Version: 1.1.0 – Topaz Labs, LLC)

Topaz Lens Effects (HKLM-x32…Topaz Lens Effects) (Version: 1.3.0 – Topaz Labs, LLC)

Topaz ReMask 4 (HKLM-x32…Topaz ReMask 4) (Version: 4.0.0 – Topaz Labs, LLC)

Topaz ReMask 5 (HKLM-x32…Topaz ReMask 5) (Version: 5.0.1 – Topaz Labs, LLC)

Topaz ReStyle (HKLM-x32…Topaz ReStyle) (Version: 1.1.0 – Topaz Labs, LLC)

Topaz Simplify 4 (HKLM-x32…Topaz Simplify 4) (Version: 4.2.0 – Topaz Labs, LLC)

Topaz Star Effects (HKLM-x32…Topaz Star Effects) (Version: 1.2.0 – Topaz Labs, LLC)

Topaz Texture Effects 2 (HKLM-x32…Topaz Texture Effects 2) (Version: 2.1.1 – Topaz Labs, LLC)

Trapcode Suite (HKLM…Trapcode Suite v14.1.2) (Version:  – Red Giant LLC)

Trapcode Suite (HKLM…Trapcode Suite v15.0.0) (Version:  – Red Giant LLC)

Trapcode Suite 64-bit (HKLM…{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 – Red Giant Software) Hidden

Trapcode Suite 64-bit (HKLM-x32…InstallShield_{5210717F-CAFD-4F21-8DF7-6ED3862725C4}) (Version: 12.1.0 – Red Giant Software)

UBot Studio 5 (HKLM-x32…{C99227B7-D3A6-4088-92EE-6067DE8DB3A3}) (Version: 5.0.0.0 – Seth Turin Media, Inc.)

Universal Adb Driver (HKLM-x32…{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 – ClockworkMod)

UT Cache Cleaner v3.0 (HKLM-x32…{A44721BB-80BE-45A0-8679-F71E94400CAC}) (Version: 3.0 – <no manufacturer>)

Valhalla DSP Valhalla VintageVerb (HKLM…Valhalla VintageVerb_is1) (Version: 1.7.1 – Valhalla DSP)

Vegas Pro 13.0 (64-bit) (HKLM…{1EEE0BEE-0BC8-11E5-A19E-F04DA23A5C58}) (Version: 13.0.453 – Sony)

VIA Platform Device Manager (HKLM-x32…InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 – VIA Technologies, Inc.)

Viena (HKLM-x32…Viena_is1) (Version:  – Kenneth Rundt)

VLC media player (HKLM-x32…VLC media player) (Version: 3.0.8 – VideoLAN)

Voicemeeter, The Virtual Mixing Console (HKLM-x32…VB:Voicemeeter {17359A74-1236-5467}) (Version:  – VB-Audio Software)

Vst To Rtas Adapter V2.11 (HKLM-x32…Vst To Rtas Adapter V2.11) (Version: “2.11” – “FXpansion”)

Vulkan Run Time Libraries 1.0.65.1 (HKLM…VulkanRT1.0.65.1) (Version: 1.0.65.1 – LunarG, Inc.) Hidden

Wacom (HKLM…Pen Tablet Driver) (Version: 5.3.5-3 – Wacom Technology Corp.)

WaveLab 6 (HKLM-x32…WaveLabPro) (Version: 6.1.1.353 – Steinberg)

Waves Central 10.0.1.3 (HKLM-x32…{94000200-C561-4E32-99EB-3C5AD3683A70}_is1) (Version: 10.0.1 – Waves, Inc.)

Waves Complete (HKLM…Complete_is1) (Version: 2016.08.31 – Waves)

Waves SoundGrid Drivers 10.0.10.47 (HKLM…Waves SoundGrid Drivers_is1) (Version:  – Waves Audio Ltd.)

WebTablet FB Plugin 32 bit (HKLM-x32…Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 – Wacom Technology Corp.)

WebTablet FB Plugin 64 bit (HKLM…Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 – Wacom Technology Corp.)

WhatsApp (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…WhatsApp) (Version: 0.3.5374 – WhatsApp)

Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32…{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 – Microsoft Corporation)

Windows Live Essentials (HKLM-x32…WinLiveSuite) (Version: 16.4.3508.0205 – Microsoft Corporation)

WinRAR 5.50 (64-bit) (HKLM…WinRAR archiver) (Version: 5.50.0 – win.rar GmbH)

WPT Redistributables (HKLM-x32…{64F3FB9A-9250-B2D6-00B4-50BE0358AEE8}) (Version: 8.100.26866 – Microsoft) Hidden

WPTx64 (HKLM-x32…{BFF81CB5-E8C7-4184-FBB4-74ADFBC6CCCB}) (Version: 8.100.26837 – Microsoft) Hidden

XLN Audio RC-20 Retro Color (HKLM…RC-20 Retro Color_is1) (Version: 1.0.5 – XLN Audio)

Xpand!2 (HKLM-x32…{dadbcc76-2a7e-4f53-a77a-3868c51bdd80}) (Version: 2.2.7.19000 – AIR Music Tech GmbH)

Xpand!2 Content (HKLM-x32…{AEB475C2-FC86-4082-87D7-352DFB075B2C}) (Version: 2.2.7.19000 – AIR Music Tech GmbH) Hidden

Xpand!2 Factory Content (HKLM-x32…{C1149DC5-F5B9-455E-B6B3-B81D9B5C80A0}) (Version: 2.2.7.19000 – AIR Music Tech GmbH) Hidden

Xpand!2 VST32 (HKLM-x32…{87716891-1EC0-46CC-8821-5A4DC75EEFD7}) (Version: 2.2.7.19000 – AIR Music Tech GmbH) Hidden

Xpand!2 VST64 (HKLM…{B9802F00-659C-4C21-9BA5-0958BAC6EFEF}) (Version: 2.2.7.19000 – AIR Music Tech GmbH) Hidden

Youlean Loudness Meter 2 version V2.3.2 (HKLM-x32…{57AC2129-BA28-47CC-ACC8-BDCE413849DF}_is1) (Version: V2.3.2 – Youlean)

Zoom (HKUS-1-5-21-3663378538-2047212209-1910426402-1000…ZoomUMX) (Version: 4.6 – Zoom Video Communications, Inc.)

ZXP Installer (HKLM-x32…{B94067CB-2B26-47F2-AB6F-D4AE05888710}) (Version: 1.2.7329.22135 – aescripts + aeplugins)

ZXP Installer (HKLM-x32…{c1ff6348-4d1c-4fe2-a9ed-464e83609075}) (Version: 1.2.7329.22135 – aescripts + aeplugins) Hidden

ZXPInstaller (HKLM-x32…ZXPInstaller) (Version:  – )

 

==================== Custom CLSID (Whitelisted): ==============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}localserver32 -> C:UsersStudioAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{6D264B70-DA18-401D-910C-B202D89670C6}InprocServer32 -> C:UsersStudioAppDataLocalGoogleUpdate1.3.36.32psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{85D8EE2F-794F-41F0-BB03-49D56A23BEF4}InprocServer32 -> C:UsersStudioAppDataLocalGoogleUpdate1.3.36.82psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{A2C6CB58-C076-425C-ACB7-6D19D64428CD}localserver32 -> C:UsersStudioAppDataLocalGoogleChromeApplication91.0.4472.77notification_helper.exe (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{CA8FA699-91CD-412F-9D13-9B1222F4370E}InprocServer32 -> C:UsersStudioAppDataLocalGoogleUpdate1.3.36.82psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{CA919489-0396-4164-A6E7-94CDED45A707}InprocServer32 -> C:UsersStudioAppDataLocalGoogleUpdate1.3.36.52psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{DEDF773D-E27B-485E-8E7D-85C5B0EB5A67}InprocServer32 -> C:UsersStudioAppDataLocalGoogleUpdate1.3.36.72psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}InprocServer32 -> C:UsersStudioAppDataLocalGoogleUpdate1.3.36.82psuser_64.dll (Google LLC -> Google LLC)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{E9E7529D-7F09-410B-AF2A-CC154473B19C}InprocServer32 -> C:UsersStudioAppDataLocalGoogleUpdate1.3.35.453psuser_64.dll => No File

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

CustomCLSID: HKUS-1-5-21-3663378538-2047212209-1910426402-1000_ClassesCLSID{FBC9D74C-AF55-4309-9FB2-C426E071637F}InprocServer32 -> C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll (Dropbox, Inc -> Dropbox, Inc.)

SSODL: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – C:Windowssystem32webcheck.dll (Microsoft Windows -> Microsoft Corporation)

SSODL-x32: WebCheck – {E6FB5E20-DE35-11CF-9C87-00AA005127ED} – C:WindowsSysWow64webcheck.dll (Microsoft Windows -> Microsoft Corporation)

ShellExecuteHooks: No Name – {AEB6717E-7E19-11d0-97EE-00C04FD91972} –  -> No File

ShellExecuteHooks: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [6723984 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)

ShellExecuteHooks-x32: No Name – {AEB6717E-7E19-11d0-97EE-00C04FD91972} –  -> No File

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook – {B5A7F190-DDA6-4420-B3BA-52453494E6CD} – C:Program Files (x86)Microsoft OfficeOffice14GROOVEEX.DLL [4222864 2010-01-21] (Microsoft Corporation -> Microsoft Corporation)

ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers: [  GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [  GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:Program FilesGoogleDrivegoogledrivesync64.dll [2021-03-12] (Google LLC -> Google)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )

ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [“DropboxExt1”] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [“DropboxExt2”] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [“DropboxExt3”] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [“DropboxExt4”] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [“DropboxExt5”] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [“DropboxExt6”] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [“DropboxExt7”] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ShellIconOverlayIdentifiers-x32: [“DropboxExt8”] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )

ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program FilesGoogleDrivecontextmenu64.dll [2021-03-12] (Google LLC -> Google)

ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:Program Files (x86)Mp3tagMp3tagShell64.dll [2020-01-23] (Florian Heidenreich) [File not signed]

ContextMenuHandlers1: [Notepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:Program Files (x86)Notepad++NppShell_04.dll [2011-07-18] () [File not signed]

ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:Program FilesCommon FilesAppleInternet ServicesShellStreams64.dll [2016-11-17] (Apple Inc. -> Apple Inc.)

ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:Program Files (x86)PowerISOPWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.) [File not signed]

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:Program Files (x86)Mp3tagMp3tagShell64.dll [2020-01-23] (Florian Heidenreich) [File not signed]

ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:Program FilesGoogleDrivecontextmenu64.dll [2021-03-12] (Google LLC -> Google)

ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:Program Files (x86)Mp3tagMp3tagShell64.dll [2020-01-23] (Florian Heidenreich) [File not signed]

ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:Program Files (x86)PowerISOPWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.) [File not signed]

ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:Windowssystem32nvshext.dll [2018-03-23] (NVIDIA Corporation -> NVIDIA Corporation)

ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:Program Files (x86)AdobeAdobe Creative CloudCoreSyncExtensionCoreSync_x64.dll [2016-05-22] (Adobe Systems Incorporated -> )

ContextMenuHandlers6: [Fast Explorer] -> {693BE9C0-BEC3-11D2-B4C1-C33BBD3AD64B} =>  -> No File

ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:Program FilesMalwarebytesAnti-Malwarembshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:Program Files (x86)PowerISOPWRISOSH.DLL [2010-04-22] (PowerISO Computing, Inc.) [File not signed]

ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:Program FilesWinRARrarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

ContextMenuHandlers1_S-1-5-21-3663378538-2047212209-1910426402-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers4_S-1-5-21-3663378538-2047212209-1910426402-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

ContextMenuHandlers5_S-1-5-21-3663378538-2047212209-1910426402-1000: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:UsersStudioAppDataRoamingDropboxbinDropboxExt64.48.0.dll [2021-05-11] (Dropbox, Inc -> Dropbox, Inc.)

 

==================== Codecs (Whitelisted) ====================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM…Drivers32: [vidc.i420] => C:Windowssystem32lvcod64.dll [398360 2009-04-30] (Logitech Inc -> Logitech Inc.)

HKLM…Drivers32: [msacm.vorbis] => C:Windowssystem32vorbis.acm [1470976 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

HKLM…Drivers32: [VIDC.MAGY] => C:Windowssystem32magicyuv.dll [1019392 2015-03-04] () [File not signed]

HKLM…Drivers32-x32: [vidc.i420] => lvcodec2.dll

HKLM…Drivers32: [wave5] => C:WindowsSysWOW64Digi32.dll [196608 2008-12-04] (Digidesign, A Division of Avid Technology, Inc.) [File not signed]

HKLM…Drivers32-x32: [midi5] => mbx2midu.dll

HKLM…Drivers32: [vidc.yv12] => C:WindowsSysWOW64yv12vfw.dll [70656 2004-01-25] (www.helixcommunity.org) [File not signed]

HKLM…Drivers32: [vidc.VP61] => C:WindowsSysWOW64vp6vfw.dll [438272 2004-06-26] (On2.com) [File not signed]

HKLM…Drivers32: [vidc.VP60] => C:WindowsSysWOW64vp6vfw.dll [438272 2004-06-26] (On2.com) [File not signed]

HKLM…Drivers32: [msacm.vorbis] => C:WindowsSysWOW64vorbis.acm [1554944 2015-03-11] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]

HKLM…Drivers32: [VIDC.MAGY] => C:WindowsSysWOW64magicyuv.dll [886784 2015-03-04] () [File not signed]

 

==================== Shortcuts & WMI ========================

 

(The entries could be listed to be restored or removed.)

 

ShortcutWithArgument: C:UsersStudioDesktoprudi – Chrome.lnk -> C:UsersStudioAppDataLocalGoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory=”Profile 4″

ShortcutWithArgument: C:UsersStudioAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcutse9eb31d2071f32a4djsmuv@gmail.com – Chrome.lnk -> C:UsersStudioAppDataLocalGoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory=”Profile 1″

ShortcutWithArgument: C:UsersStudioAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcutsdf4f843bbe02b06dDownloader for Instagram™ + Direct Message.lnk -> C:UsersStudioAppDataLocalGoogleChromeApplicationchrome_proxy.exe (Google LLC) -> –profile-directory=Default –app-id=olkpikmlhoaojbbmmpejnimiglejmboe

ShortcutWithArgument: C:UsersStudioAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcutsc3d70a768e320f6aScraper.lnk -> C:UsersStudioAppDataLocalGoogleChromeApplicationchrome.exe (Google LLC) -> –profile-directory=Default –app-id=mbigbapnjcgaffohmbkdlecaccepngjd

ShortcutWithArgument: C:UsersStudioAppDataRoamingMicrosoftInternet ExplorerQuick LaunchUser PinnedImplicitAppShortcuts980b6e4d5257aa74mobile browser emulator.lnk -> C:UsersStudioAppDataLocalGoogleChromeApplicationchrome_proxy.exe (Google LLC) -> –profile-directory=Default –app-id=lbofcampnkjmiomohpbaihdcbjhbfepf

 

==================== Loaded Modules (Whitelisted) =============

 

2021-06-10 09:02 – 2014-05-15 16:21 – 000028672 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:UsersStudioDesktopmbarimageformatsqico4.dll

2021-06-10 09:02 – 2014-05-15 16:21 – 002578432 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:UsersStudioDesktopmbarQtCore4.dll

2021-06-10 09:02 – 2014-05-15 16:21 – 008406528 _____ (Digia Plc and/or its subsidiary(-ies)) [File not signed] C:UsersStudioDesktopmbarQtGui4.dll

2021-02-28 15:14 – 2019-07-11 14:50 – 000145408 _____ (TODO: <公司名>) [File not signed] C:Windowssystem32wintab32.dll

 

==================== Alternate Data Streams (Whitelisted) ========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

AlternateDataStreams: C:Program FilesCommon FilesSystem:u17X9LtleAvW9XYkXiq [2512]

AlternateDataStreams: C:ProgramDataMicrosoft:0zap6leIrMVNVNV0Nh2qXkms [2858]

AlternateDataStreams: C:ProgramDataMicrosoft:9PytM9crVl52ZYye69l95rVnx8t [2568]

AlternateDataStreams: C:ProgramDataMicrosoft:aN1v5mY1dYsegJJNHYiu [2306]

AlternateDataStreams: C:ProgramDataMicrosoft:DRu090TBAeroDJhnEKXyXg [2704]

AlternateDataStreams: C:ProgramDataMicrosoft:hgddohZ4QZCf7Is5OXOGL76N [2584]

AlternateDataStreams: C:ProgramDataMicrosoft:l65pD75jOeXJiYvTBFVyTZtw [2528]

AlternateDataStreams: C:ProgramDataMicrosoft:lE5oPN1C5yNgm8tDcRQEam5Qn [2664]

AlternateDataStreams: C:ProgramDataMicrosoft:puk0kiZdWQncP7hs2qUostf2 [2720]

AlternateDataStreams: C:ProgramDataMicrosoft:TsgejLKmHOQldk7hQajCTtK [2756]

AlternateDataStreams: C:ProgramDataMicrosoft:vtexwAeOS79O6bEVBabJLZkC0 [2682]

AlternateDataStreams: C:ProgramDataReprise:jhqduwvxlctbqqijsf`usjbm`pgyjhioihinfh [0]

AlternateDataStreams: C:ProgramDataReprise:wupeogjxlctlfudivq`qsp`28hfm [0]

AlternateDataStreams: C:ProgramDataTEMP:76650B61 [103]

AlternateDataStreams: C:UsersStudioCookies:1XE2xr4vjoH6cNFlypofFSZRe [2060]

AlternateDataStreams: C:UsersStudioCookies:HbzAPeo5bE1TS9Yg7hAllle [2506]

AlternateDataStreams: C:UsersStudioCookies:l3jC9RKD0fZK7f9G [2324]

AlternateDataStreams: C:UsersStudioAppDataLocalvfdHUhAZiNe:zTuBhtLNQqEwIqwKiQtrRqA [2922]

AlternateDataStreams: C:UsersStudioAppDataLocal43BkVOoW6pbs9:dc9kajfSxme8sTS56bn [2614]

AlternateDataStreams: C:UsersStudioAppDataLocal8m8jnAAmFqo1iII:2aSd3XFC9OseUHzDXfek602nw [2784]

AlternateDataStreams: C:UsersStudioAppDataLocalkmvGgNk0Vx0Vb2:LtjG94a4rxwN2EyRPJZUQtb6LHe [2584]

AlternateDataStreams: C:UsersStudioAppDataLocalTemp:ORUKFnLDKR9FrE4AuV6 [2384]

AlternateDataStreams: C:UsersStudioAppDataLocalTemporary Internet Files:pwPwMd3SotRe1LSAM5Rkhrn [2930]

AlternateDataStreams: C:UsersStudioAppDataLocaltWaoFicCqshGj:RXp6RmhoPIuEryvpNWFCTBYAVBS [2264]

 

==================== Safe Mode (Whitelisted) ==================

 

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)

 

HKLMSYSTEMCurrentControlSetControlSafeBootMinimal7622C635 => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalmbamchameleon => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootMinimalMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootNetwork7622C635 => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkmbamchameleon => “”=”Driver”

HKLMSYSTEMCurrentControlSetControlSafeBootNetworkMBAMService => “”=”Service”

HKLMSYSTEMCurrentControlSetControlSafeBootOption => “OptionValue”=”2”

 

==================== Association (Whitelisted) =================

 

==================== Internet Explorer (Version 11) (Whitelisted) ==========

 

HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131163776717967351&GUID=00000000-0000-0000-0000-000000000000

HKLMSoftwareWow6432NodeMicrosoftInternet ExplorerMain,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131163776718207364&GUID=00000000-0000-0000-0000-000000000000

HKU.DEFAULTSoftwareMicrosoftInternet ExplorerMain,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKU.DEFAULTSoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome

HKUS-1-5-21-3663378538-2047212209-1910426402-1000SoftwareMicrosoftInternet ExplorerMain,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

HKUS-1-5-21-3663378538-2047212209-1910426402-1000SoftwareMicrosoftInternet ExplorerMain,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131163776718247367&GUID=00000000-0000-0000-0000-000000000000

SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKUS-1-5-21-3663378538-2047212209-1910426402-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

SearchScopes: HKUS-1-5-21-3663378538-2047212209-1910426402-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:Program FilesMicrosoft OfficeOffice14GROOVEEX.DLL [2010-01-21] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program FilesJavajre1.8.0_171binssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2012-07-17] (Microsoft Corporation -> Microsoft Corp.)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:Program FilesMicrosoft OfficeOffice14URLREDIR.DLL [2010-01-16] (Microsoft Corporation -> Microsoft Corporation)

BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program FilesJavajre1.8.0_171binjp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:Program Files (x86)Javajre1.8.0_171binssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)

BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:Program Files (x86)Javajre1.8.0_171binjp2ssv.dll [2018-04-20] (Oracle America, Inc. -> Oracle Corporation)

 

==================== Hosts content: =========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2018-07-27 10:27 – 2019-09-14 09:02 – 000544191 _____ C:Windowssystem32driversetchosts

127.0.0.1 localhost

127.0.0.1 www.r2rdownload.com

127.0.0.1 www.elephantafiles.com

0.0.0.0 fr.a2dfp.net

0.0.0.0 m.fr.a2dfp.net

0.0.0.0 mfr.a2dfp.net

0.0.0.0 ad.a8.net

0.0.0.0 asy.a8ww.net

0.0.0.0 static.a-ads.com

0.0.0.0 abcstats.com

0.0.0.0 a.abv.bg

0.0.0.0 adserver.abv.bg

0.0.0.0 adv.abv.bg

0.0.0.0 bimg.abv.bg

0.0.0.0 ca.abv.bg

0.0.0.0 track.acclaimnetwork.com

0.0.0.0 csh.actiondesk.com

0.0.0.0 ads.activepower.net

0.0.0.0 ad.activesolutions.cz

0.0.0.0 app.activetrail.com

0.0.0.0 traffic.acwebconnecting.com

0.0.0.0 office.ad1.ru

0.0.0.0 cms.ad2click.nl

0.0.0.0 ad2games.com

0.0.0.0 content.ad20.net

0.0.0.0 core.ad20.net

0.0.0.0 banner.ad.nu

0.0.0.0 adadvisor.net

0.0.0.0 wad.adbasket.net

0.0.0.0 adbox.hu

 

There are 14546 more lines.

 

 

==================== Other Areas ===========================

 

(Currently there is no automatic fix for this section.)

 

HKLMSystemCurrentControlSetControlSession ManagerEnvironment\Path -> C:Program Files (x86)Common FilesOracleJavajavapath;C:Program Files (x86)Common FilesIntelShared Librariesredistintel64_wincompiler;C:Program Files (x86)Common FilesIntelShared Librariesredistia32_wincompiler;C:ProgramDataOracleJavajavapath;C:Program FilesCommon FilesMicrosoft SharedWindows Live;C:Program Files (x86)Common FilesMicrosoft SharedWindows Live;C:Windowssystem32;C:Windows;C:Windowssystem32wbem;C:WindowsSystem32WindowsPowerShellv1.0;C:Program Files (x86)QuickTimeQTSystem;C:Program Files (x86)Windows LiveShared;C:Program Files (x86)QuickTimeQTSystem;C:Program Files (x86)NVIDIA CorporationPhysXCommon;C:Program FilesNVIDIA CorporationNVIDIA NvDLISR;C:Program Filesnodejs;C:Program Files (x86)Windows Kits8.1Windows Performance Toolkit

HKUS-1-5-21-3663378538-2047212209-1910426402-1000Control PanelDesktop\Wallpaper -> C:UsersStudioAppDataRoamingMicrosoftWindowsThemesTranscodedWallpaper.jpg

DNS Servers: Media is not connected to internet.

HKLMSOFTWAREMicrosoftWindowsCurrentVersionPoliciesSystem => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(If an entry is included in the fixlist, it will be removed.)

 

MSCONFIGServices: AdobeARMservice => 2

MSCONFIGServices: AdobeFlashPlayerUpdateSvc => 3

MSCONFIGServices: AdobeUpdateService => 2

MSCONFIGServices: AGMService => 2

MSCONFIGServices: AGSService => 2

MSCONFIGServices: Apple Mobile Device Service => 2

MSCONFIGServices: Asset Management Daemon => 2

MSCONFIGServices: AsSysCtrlService => 2

MSCONFIGServices: Bonjour Service => 2

MSCONFIGServices: CodeMeter.exe => 2

MSCONFIGServices: DigiRefresh => 2

MSCONFIGServices: digiSPTIService64 => 3

MSCONFIGServices: DTSRVC => 2

MSCONFIGServices: FLEXnet Licensing Service => 3

MSCONFIGServices: Focusrite Control Server => 2

MSCONFIGServices: gupdate => 2

MSCONFIGServices: gupdatem => 3

MSCONFIGServices: iPod Service => 3

MSCONFIGServices: MacDrive8ServiceD => 2

MSCONFIGServices: MBAMService => 2

MSCONFIGServices: MozillaMaintenance => 3

MSCONFIGServices: NvContainerLocalSystem => 2

MSCONFIGServices: NvContainerNetworkService => 3

MSCONFIGServices: NVDisplay.ContainerLocalSystem => 2

MSCONFIGServices: NvTelemetryContainer => 2

MSCONFIGServices: PaceLicenseDServices => 2

MSCONFIGServices: PdiService => 2

MSCONFIGServices: PlexUpdateService => 2

MSCONFIGServices: ss_conn_launcher_service => 3

MSCONFIGServices: ss_conn_service => 2

MSCONFIGServices: ss_conn_service2 => 2

MSCONFIGServices: Winmgmt => 2

MSCONFIGServices: WsAppService3 => 2

MSCONFIGServices: WsDrvInst => 2

MSCONFIGServices: WTabletServiceCon => 2

MSCONFIGstartupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk => C:WindowspssCodeMeter Control Center.lnk.CommonStartup

MSCONFIGstartupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SoundGrid Studio.lnk => C:WindowspssSoundGrid Studio.lnk.CommonStartup

MSCONFIGstartupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WSAndroidAppHelper.lnk => C:WindowspssWSAndroidAppHelper.lnk.CommonStartup

MSCONFIGstartupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^WSAppHelper.lnk => C:WindowspssWSAppHelper.lnk.CommonStartup

MSCONFIGstartupfolder: C:^Users^Studio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:WindowspssDropbox.lnk.Startup

MSCONFIGstartupfolder: C:^Users^Studio^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Jarvee.lnk => C:WindowspssJarvee.lnk.Startup

MSCONFIGstartupreg: abcd => “C:UsersStudioAppDataRoamingabcd.exe”

MSCONFIGstartupreg: Adobe ARM => “C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe”

MSCONFIGstartupreg: Adobe Creative Cloud => “C:Program Files (x86)AdobeAdobe Creative CloudACCCreative Cloud.exe” –showwindow=false –onOSstartup=true

MSCONFIGstartupreg: Adobe Reader Speed Launcher => “C:Program Files (x86)AdobeReader 10.0ReaderReader_sl.exe”

MSCONFIGstartupreg: AdobeAAMUpdater-1.0 => “C:Program Files (x86)Common FilesAdobeOOBEPDAppUWAUpdaterStartupUtility.exe”

MSCONFIGstartupreg: AdobeCS5.5ServiceManager => “C:Program Files (x86)Common FilesAdobeCS5.5ServiceManagerCS5.5ServiceManager.exe” -launchedbylogin

MSCONFIGstartupreg: AdobeCS5ServiceManager => “C:Program Files (x86)Common FilesAdobeCS5ServiceManagerCS5ServiceManager.exe” -launchedbylogin

MSCONFIGstartupreg: AdobeCS6ServiceManager => “C:Program Files (x86)Common FilesAdobeCS6ServiceManagerCS6ServiceManager.exe” -launchedbylogin

MSCONFIGstartupreg: AdobeGCInvoker-1.0 => “C:Program Files (x86)Common FilesAdobeAdobeGCClientAGCInvokerUtility.exe”

MSCONFIGstartupreg: APSDaemon => “C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe”

MSCONFIGstartupreg: BCSSync => “C:Program Files (x86)Microsoft OfficeOffice14BCSSync.exe” /DelayServices

MSCONFIGstartupreg: CCleaner Monitoring => “C:Program FilesCCleanerCCleaner64.exe” /MONITOR

MSCONFIGstartupreg: Cpu Level Up => “C:Program Files (x86)ASUSAI SuiteCPU Level UPExCpuLevelUp.exe” -r

MSCONFIGstartupreg: dfsrdiag => “C:UsersStudioAppDataRoamingdfsrdiagdfsrdiag.exe”

MSCONFIGstartupreg: DigidesignMMERefresh => C:Program FilesAvidPro ToolsMMERefresh.exe

MSCONFIGstartupreg: DNS7reminder => “C:Program Files (x86)NuanceNaturallySpeaking12EregEreg.exe” -r “C:ProgramDataNuanceNaturallySpeaking12Ereg.ini”

MSCONFIGstartupreg: Dropbox Update => “C:UsersStudioAppDataLocalDropboxUpdateDropboxUpdate.exe” /c

MSCONFIGstartupreg: Focusrite Notifier => “C:Program FilesFocusriteUSBFocusrite Notifier.exe”

MSCONFIGstartupreg: Google Update => “C:UsersStudioAppDataLocalGoogleUpdate1.3.36.82GoogleUpdateCore.exe”

MSCONFIGstartupreg: GoogleChromeAutoLaunch_AE11DD999CCB93BB6492453EBA64B896 => “C:UsersStudioAppDataLocalGoogleChromeApplicationchrome.exe” –no-startup-window /prefetch:5

MSCONFIGstartupreg: GoogleDriveSync => “C:Program FilesGoogleDrivegoogledrivesync.exe” /autostart

MSCONFIGstartupreg: HDAudDeck => C:Program Files (x86)VIAVIAudioiVDeckVDeck.exe -r

MSCONFIGstartupreg: iCloudServices => “C:Program Files (x86)Common FilesAppleInternet ServicesiCloudServices.exe”

MSCONFIGstartupreg: ISUSPM => C:ProgramDataFLEXnetConnect11ISUSPM.exe -scheduler

MSCONFIGstartupreg: iTunesHelper => “C:Program FilesiTunesiTunesHelper.exe”

MSCONFIGstartupreg: join.me.launcher => C:UsersStudioAppDataLocaljoin.me.launcherjoin.me.launcher.exe

MSCONFIGstartupreg: LifeCam => “C:Program Files (x86)Microsoft LifeCamLifeExp.exe”

MSCONFIGstartupreg: MacDrive 8 application for Digidesign => “C:Program FilesMediafourMacDrive 8MacDriveD.exe”

MSCONFIGstartupreg: mcbuilder => “C:UsersStudioAppDataRoamingmcbuildermcbuilder.exe”

MSCONFIGstartupreg: nbtstat => “C:UsersStudioAppDataRoamingnbtstatnbtstat.exe”

MSCONFIGstartupreg: NUSB3MON => “C:Program Files (x86)Renesas ElectronicsUSB 3.0 Host Controller DriverApplicationnusb3mon.exe”

MSCONFIGstartupreg: NvBackend => “C:Program Files (x86)NVIDIA CorporationUpdate CoreNvBackend.exe”

MSCONFIGstartupreg: Nvtmru => “C:Program Files (x86)NVIDIA CorporationNVIDIA Update Corenvtmru.exe”

MSCONFIGstartupreg: OfficeSyncProcess => “C:Program Files (x86)Microsoft OfficeOffice14MSOSYNC.EXE”

MSCONFIGstartupreg: oneaa => “C:UsersStudioAppDataRoamingonesaoneaa.exe”

MSCONFIGstartupreg: oneaaa => “C:UsersStudioAppDataRoamingonesaoneaaa.exe”

MSCONFIGstartupreg: oneaasxaa => “C:UsersStudioAppDataRoamingonesaoneaasxaa.exe”

MSCONFIGstartupreg: pcaui => “C:UsersStudioAppDataRoamingpcauipcaui.exe”

MSCONFIGstartupreg: PentabletService => C:Program FilesPentabletPentabletService.exe

MSCONFIGstartupreg: Plex Media Server => “C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe”

MSCONFIGstartupreg: PnPUnattend => “C:UsersStudioAppDataRoamingPnPUnattendPnPUnattend.exe”

MSCONFIGstartupreg: PWRISOVM.EXE => C:Program Files (x86)PowerISOPWRISOVM.EXE

MSCONFIGstartupreg: QFan Help => “C:Program Files (x86)ASUSAI SuiteQFan3QFanHelp.exe”

MSCONFIGstartupreg: Samsung DeX => C:Program Files (x86)SamsungSamsung DeXSamsungDeX.exe –autorun

MSCONFIGstartupreg: Services.exe => C:UsersStudioAppDataLocalTempServices.exe

MSCONFIGstartupreg: SGDawNodeService => C:WindowsSysWOW64SGDawNodeService.exe runasservice

MSCONFIGstartupreg: ShadowPlay => C:Windowssystem32rundll32.exe C:Windowssystem32nvspcap64.dll,ShadowPlayOnSystemStart

MSCONFIGstartupreg: Skype for Desktop => C:Program Files (x86)MicrosoftSkype for DesktopSkype.exe

MSCONFIGstartupreg: Spotify => C:UsersStudioAppDataRoamingSpotifySpotify.exe –autostart

MSCONFIGstartupreg: Spotify Web Helper => C:UsersStudioAppDataRoamingSpotifySpotifyWebHelper.exe –autostart

MSCONFIGstartupreg: SunJavaUpdateSched => “C:Program Files (x86)Common FilesJavaJava Updatejusched.exe”

MSCONFIGstartupreg: SwitchBoard => C:Program Files (x86)Common FilesAdobeSwitchBoardSwitchBoard.exe

MSCONFIGstartupreg: uTorrent => “C:UsersStudioAppDataRoaminguTorrentuTorrent.exe”  /MINIMIZED

MSCONFIGstartupreg: vmware-tray => “C:Program Files (x86)VMwareVMware Workstationvmware-tray.exe”

 

==================== FirewallRules (Whitelisted) ================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{984AB730-8BA6-4D1C-8418-2030B4DFD129}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{2E10B551-38A3-43E3-AD45-647C0333B098}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{72ABB2C4-0F2D-4FFF-A36D-4345BAA80712}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{CD7631AC-4979-4A0C-AABC-DA77539461FC}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{7B7A4508-202B-4F86-91E1-D4E364E10F5A}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{E3C43BBF-4C4A-4416-8810-BA6CAC8250BC}] => (Allow) C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)

FirewallRules: [{C7AE9E07-29E4-445E-BB33-FC5F9455C00E}] => (Allow) LPort=54420

FirewallRules: [{D53EE31B-9876-4951-B241-4606C468F3A3}] => (Allow) LPort=2869

FirewallRules: [{6DD24E20-35A6-4146-BB56-57DA0E5D525F}] => (Allow) LPort=1900

FirewallRules: [{E91E299B-77AC-4BED-B058-5D346A96B114}] => (Allow) C:UsersStudioAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [{0800F3BB-DF91-454D-98B0-BE1125CAE29E}] => (Allow) C:UsersStudioAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [{69B52DC7-428E-4B0E-B5F8-0A75957E8A87}] => (Allow) C:UsersStudioAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [{52C516DC-7D86-4B08-B104-5607CBCF6F6C}] => (Allow) C:UsersStudioAppDataRoamingDropboxbinDropbox.exe (Dropbox, Inc -> Dropbox, Inc.)

FirewallRules: [{24EB6F52-E76E-4B49-8025-047DD9A33753}] => (Allow) LPort=51001

FirewallRules: [{1B46D1F3-18F4-42DF-874C-F9AC0506E611}] => (Allow) C:Program Files (x86)Windows LiveContactswlcomm.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{9DBD3C2A-03FD-421D-BA79-6EF63C2B594A}] => (Allow) LPort=2869

FirewallRules: [{D40D816E-8043-4D00-A8B1-0B21FE5DDF87}] => (Allow) LPort=1900

FirewallRules: [{351AB392-D288-40F6-86A0-0ED5FD65B885}] => (Allow) C:UsersStudioAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{E46ADE1A-75F0-41BE-BC89-F5B7FC04062E}] => (Allow) C:UsersStudioAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{A81653A7-6B08-4C8C-8D7C-0FB919B59D47}] => (Allow) C:Program Files (x86)Rosetta StoneRosetta Stone Version 3RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]

FirewallRules: [{996BBB58-90D8-44A4-AF81-8AA1EBCDB6E1}] => (Allow) C:Program Files (x86)Rosetta StoneRosetta Stone Version 3RosettaStoneVersion3.exe (Multidmedia Limited) [File not signed]

FirewallRules: [{7624A9A0-5EC2-47BB-9863-C0063047F5B6}] => (Allow) C:Program Files (x86)Rosetta StoneRosetta Stone Version 3supportbinwinRosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)

FirewallRules: [{B80271EA-A2D0-4252-A306-D91DC4597B8E}] => (Allow) C:Program Files (x86)Rosetta StoneRosetta Stone Version 3supportbinwinRosettaStoneLtdServices.exe (Rosetta Stone, Ltd -> Rosetta Stone Ltd.)

FirewallRules: [{0098839C-DB21-4D12-B0C9-3D03F8704C63}] => (Allow) C:UsersStudioAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{770B8B83-B3DB-4AF2-AF78-4C5253B3297D}] => (Allow) C:UsersStudioAppDataRoaminguTorrentuTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)

FirewallRules: [{C6073A3E-4667-4BF4-A858-EDABCC34EE47}] => (Allow) C:Program Files (x86)GSA Search Engine RankerSearch_Engine_Ranker.exe (Geselschaft fuer Softwareentwicklung und Analytik GmbH -> GSA)

FirewallRules: [{1904EF7C-A158-449F-B6A7-ADFD837F9824}] => (Allow) C:Program Files (x86)GSA Search Engine RankerSearch_Engine_Ranker.exe (Geselschaft fuer Softwareentwicklung und Analytik GmbH -> GSA)

FirewallRules: [{B3EB8B4B-9935-4177-998C-A1A67F246F60}] => (Allow) C:Program Files (x86)GSA Search Engine RankerSearch_Engine_Ranker.exe (Geselschaft fuer Softwareentwicklung und Analytik GmbH -> GSA)

FirewallRules: [{9716470B-788B-4AE7-BF32-CD8DD62FD8B4}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{1E744D54-60B4-4D8B-860F-847023A6ECDF}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{67042AA0-5659-463A-B6A1-F9FE8EF6767D}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{1A758231-ACBF-49AE-92E1-8A9C9225EF45}] => (Allow) C:Program Files (x86)Mozilla Firefoxfirefox.exe (Mozilla Corporation -> Mozilla Corporation)

FirewallRules: [{D4D5D548-C5DA-482E-A05F-7866106752A3}] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{3FC4829B-5E22-4CA8-8BA9-9A7118D7B23C}] => (Allow) C:Program FilesBonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{1A3EA9C4-6E93-4D6E-8E29-CF9A4BB45584}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{73F216CF-9BED-44DA-98B7-E5419564E452}] => (Allow) C:Program Files (x86)BonjourmDNSResponder.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{8AC094F5-8D09-491C-8690-4F4A5EB58CEA}] => (Allow) C:UsersStudioAppDataLocalGoogleChromeApplicationchrome.exe (Google LLC -> Google LLC)

FirewallRules: [{857A2C9E-E6BA-4D94-9AEA-8652B82FB9C6}] => (Allow) C:Program FilesAvidPro ToolsProTools.exe (Avid Technology, Inc.) [File not signed]

FirewallRules: [{44D245F4-FA78-4FCF-8A7B-B8A71C065194}] => (Allow) C:Program FilesiTunesiTunes.exe (Apple Inc. -> Apple Inc.)

FirewallRules: [{A5A5052E-C9BE-4F2D-9334-61E49626EF39}] => (Allow) LPort=8318

FirewallRules: [{54EF3EB4-3F5F-4AD4-80B3-1E4C3BD99419}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{32E65BA9-7F92-4BF6-A31C-144E8460E278}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{8F0F8DD1-52A5-4718-906A-DCA81FCA77E6}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{7EE24763-59A0-4428-9E5B-523507380573}] => (Allow) C:Program FilesNVIDIA CorporationNvContainernvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{E7B6BE97-9D74-46BD-9C0B-4FED48A26F56}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{EB6CD64B-88D1-4622-8C74-B16A79B1E183}] => (Allow) C:Program FilesNVIDIA CorporationNvStreamSrvnvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)

FirewallRules: [{9649AAD0-564D-4C6C-A7D0-DA78E39889F9}] => (Allow) C:Program Files (x86)DroidCamDroidCamApp.exe (DEV47 APPS -> )

FirewallRules: [{83214D09-FBA1-4186-A8C5-5E11ABC2C47D}] => (Allow) C:Program Files (x86)DroidCamDroidCamApp.exe (DEV47 APPS -> )

FirewallRules: [{AFF539D8-CE0F-4575-ADDC-B6ECBC1BF7DC}] => (Allow) C:Program Files (x86)Microsoft LifeCamLifeCam.exe (Microsoft Corporation) [File not signed]

FirewallRules: [{278EF872-FE31-42E0-9B72-CDFA5C2525DF}] => (Allow) C:Program Files (x86)Microsoft LifeCamLifeCam.exe (Microsoft Corporation) [File not signed]

FirewallRules: [{DF12BFFB-290D-46BF-AFFA-0FAF0F297C52}] => (Allow) C:Program Files (x86)Microsoft LifeCamLifeEnC2.exe (Microsoft Corporation) [File not signed]

FirewallRules: [{4A332620-547B-49F3-9F2B-19B4DAF9B642}] => (Allow) C:Program Files (x86)Microsoft LifeCamLifeEnC2.exe (Microsoft Corporation) [File not signed]

FirewallRules: [{68F2CF45-1A0A-4A2B-8F7F-D9E346DC8895}] => (Allow) C:Program Files (x86)Microsoft LifeCamLifeExp.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{CDF9641C-89CC-479A-AEED-FDB4CA17AE4E}] => (Allow) C:Program Files (x86)Microsoft LifeCamLifeExp.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{AEF0BB94-9858-4C2F-ADF9-04EB5B391AF2}] => (Allow) C:Program Files (x86)Microsoft LifeCamLifeTray.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [{988AC4AA-8C50-48E8-8E50-6014F4CF3182}] => (Allow) C:Program Files (x86)Microsoft LifeCamLifeTray.exe (Microsoft Corporation -> Microsoft Corporation)

FirewallRules: [TCP Query User{63650DB6-F85B-45E4-9BEB-8FD8F075E79C}C:program files (x86)image-linefl studio 20fl64.exe] => (Block) C:program files (x86)image-linefl studio 20fl64.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{58727119-E65F-400D-9274-A2FFDAB8B1DE}C:program files (x86)image-linefl studio 20fl64.exe] => (Block) C:program files (x86)image-linefl studio 20fl64.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{1A86156A-F363-491D-8E66-B98C1841B713}C:program files (x86)image-linefl studio 20fl.exe] => (Block) C:program files (x86)image-linefl studio 20fl.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{DA63ADAE-8FA0-47B9-BDD7-04DE23BB1F80}C:program files (x86)image-linefl studio 20fl.exe] => (Block) C:program files (x86)image-linefl studio 20fl.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{5703C5F8-D297-4886-B1D2-B47C44CE8656}C:usersstudioappdataroamingspotifyspotify.exe] => (Allow) C:usersstudioappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User{56C389B3-3190-4E33-9FF1-EB4C3E530871}C:usersstudioappdataroamingspotifyspotify.exe] => (Allow) C:usersstudioappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User{DCAC7458-CDC7-4194-A567-39968BB62049}G:adobe 2019adobeadobe premiere pro cc 2019adobe premiere pro.exe] => (Block) G:adobe 2019adobeadobe premiere pro cc 2019adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)

FirewallRules: [UDP Query User{00954DE1-BF17-4503-AEB2-3AB7135701A9}G:adobe 2019adobeadobe premiere pro cc 2019adobe premiere pro.exe] => (Block) G:adobe 2019adobeadobe premiere pro cc 2019adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)

FirewallRules: [TCP Query User{49E581D5-3F51-42A7-8D09-AC02EEB54378}G:adobe 2019adobeadobe premiere pro cc 2019dvaaudiofilterscan.exe] => (Allow) G:adobe 2019adobeadobe premiere pro cc 2019dvaaudiofilterscan.exe (Adobe Systems Incorporated -> Adobe)

FirewallRules: [UDP Query User{B924D002-978D-4246-9A97-9C70307A9BC0}G:adobe 2019adobeadobe premiere pro cc 2019dvaaudiofilterscan.exe] => (Allow) G:adobe 2019adobeadobe premiere pro cc 2019dvaaudiofilterscan.exe (Adobe Systems Incorporated -> Adobe)

FirewallRules: [TCP Query User{2752F858-C09B-46EA-9DBE-387F7D3595F2}C:program filessonyvegas pro 13.0vegas130.exe] => (Block) C:program filessonyvegas pro 13.0vegas130.exe (Sony Creative Software Inc -> Sony Creative Software Inc.) [File not signed]

FirewallRules: [UDP Query User{AF4A919E-8465-4C5D-9B2E-01871D32784E}C:program filessonyvegas pro 13.0vegas130.exe] => (Block) C:program filessonyvegas pro 13.0vegas130.exe (Sony Creative Software Inc -> Sony Creative Software Inc.) [File not signed]

FirewallRules: [TCP Query User{469E2D52-037B-403F-B970-79CF97A549E2}C:program files (x86)nightowlx_cmsresourcesappliblocal_servercmswebsvr.exe] => (Allow) C:program files (x86)nightowlx_cmsresourcesappliblocal_servercmswebsvr.exe (SHANGHAI E-MORE ELECTRONIC TECHNOLOGY CO., LTD -> )

FirewallRules: [UDP Query User{8E26109D-B256-462B-846E-2B1D6B645D0D}C:program files (x86)nightowlx_cmsresourcesappliblocal_servercmswebsvr.exe] => (Allow) C:program files (x86)nightowlx_cmsresourcesappliblocal_servercmswebsvr.exe (SHANGHAI E-MORE ELECTRONIC TECHNOLOGY CO., LTD -> )

FirewallRules: [{CE590DFF-3983-4D24-B4AF-2481BE75ACE3}] => (Allow) C:Program Files (x86)WavesMultiRackMultiRack SoundGrid.exe (Waves Inc -> Waves Audio Ltd.)

FirewallRules: [{868372F2-5F00-4679-A634-2A663C65D326}] => (Allow) C:Program Files (x86)WavesSoundGrid for VenueSoundGrid Inventory.exe (Waves Inc -> )

FirewallRules: [TCP Query User{E34B8289-FA0E-439B-8BE9-2F7F2945C0C3}C:program files (x86)image-linefl studio 20systemtoolsbridge32bitilbridge.exe] => (Allow) C:program files (x86)image-linefl studio 20systemtoolsbridge32bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{4E74691B-DD36-4459-8D6E-423A25D1089E}C:program files (x86)image-linefl studio 20systemtoolsbridge32bitilbridge.exe] => (Allow) C:program files (x86)image-linefl studio 20systemtoolsbridge32bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{5B222CDE-703E-43DC-8818-B53A1186A9E0}C:program files (x86)image-linefl studio 20systemtoolsbridge64bitilbridge.exe] => (Allow) C:program files (x86)image-linefl studio 20systemtoolsbridge64bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{3E2A59AC-6AF7-476D-A8D4-BF1B400AC4AC}C:program files (x86)image-linefl studio 20systemtoolsbridge64bitilbridge.exe] => (Allow) C:program files (x86)image-linefl studio 20systemtoolsbridge64bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{7BF1F5E2-22E2-4F72-9D72-22CEAC881FA2}C:program files (x86)image-linefl studio 20fl64.exe] => (Block) C:program files (x86)image-linefl studio 20fl64.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{BB78EFF0-5A97-4958-BCD5-EF55AD59A847}C:program files (x86)image-linefl studio 20fl64.exe] => (Block) C:program files (x86)image-linefl studio 20fl64.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{D4A800D5-5E24-4EEA-B3CC-5052A2040291}C:program files (x86)image-linefl studio 20fl.exe] => (Block) C:program files (x86)image-linefl studio 20fl.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{477B637F-025C-4085-87E6-4BF87F456BCF}C:program files (x86)image-linefl studio 20fl.exe] => (Block) C:program files (x86)image-linefl studio 20fl.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{D04D69D6-2633-4CFC-A8F9-59B5F47F098C}C:program files (x86)image-linefl studio 20systemtoolsbridge64bitilbridge.exe] => (Block) C:program files (x86)image-linefl studio 20systemtoolsbridge64bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{1EC00949-2374-49DB-B954-6F13E1033292}C:program files (x86)image-linefl studio 20systemtoolsbridge64bitilbridge.exe] => (Block) C:program files (x86)image-linefl studio 20systemtoolsbridge64bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{540165A5-45D7-40CA-BFE4-896440EF4154}C:program files (x86)image-linefl studio 20systemtoolsbridge32bitilbridge.exe] => (Block) C:program files (x86)image-linefl studio 20systemtoolsbridge32bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{FF9EF162-EA90-420F-AF8B-A2AD74B6F3F3}C:program files (x86)image-linefl studio 20systemtoolsbridge32bitilbridge.exe] => (Block) C:program files (x86)image-linefl studio 20systemtoolsbridge32bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{AE421BF9-B7B8-476D-9514-0FB32C5B4051}G:adobe 2019adobeadobe premiere pro cc 2019adobe premiere pro.exe] => (Block) G:adobe 2019adobeadobe premiere pro cc 2019adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)

FirewallRules: [UDP Query User{3A4484DF-E21D-4811-9B5A-278A8F731480}G:adobe 2019adobeadobe premiere pro cc 2019adobe premiere pro.exe] => (Block) G:adobe 2019adobeadobe premiere pro cc 2019adobe premiere pro.exe (Adobe Systems Incorporated -> Adobe)

FirewallRules: [TCP Query User{5962AFB5-3F69-41F0-A95E-876EFEC0D0F3}C:usersstudioappdataroamingspotifyspotify.exe] => (Allow) C:usersstudioappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [UDP Query User{30606A6B-5547-468B-A96E-17F00C571EB9}C:usersstudioappdataroamingspotifyspotify.exe] => (Allow) C:usersstudioappdataroamingspotifyspotify.exe (Spotify AB -> Spotify Ltd)

FirewallRules: [TCP Query User{603F3B44-A4DB-4202-BC78-12091D17A0AD}C:program files (x86)image-linefl studio 20.5systemtoolsbridge32bitilbridge.exe] => (Block) C:program files (x86)image-linefl studio 20.5systemtoolsbridge32bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{94BE8E05-B8BF-49B9-9157-CF93520466EA}C:program files (x86)image-linefl studio 20.5systemtoolsbridge32bitilbridge.exe] => (Block) C:program files (x86)image-linefl studio 20.5systemtoolsbridge32bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{9156AF3A-8D86-414B-8476-5F9998497B53}C:program files (x86)image-linefl studio 20.5systemtoolsbridge64bitilbridge.exe] => (Block) C:program files (x86)image-linefl studio 20.5systemtoolsbridge64bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{5AF540EE-A162-40B4-A16F-06AA969451BA}C:program files (x86)image-linefl studio 20.5systemtoolsbridge64bitilbridge.exe] => (Block) C:program files (x86)image-linefl studio 20.5systemtoolsbridge64bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{E7A46EB6-EA65-492F-B746-B61CA32E0C70}C:program files (x86)samsungsamsung dexsamsungdex.exe] => (Allow) C:program files (x86)samsungsamsung dexsamsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

FirewallRules: [UDP Query User{B35BAF50-CBAD-40BC-89DC-C7C008A5208D}C:program files (x86)samsungsamsung dexsamsungdex.exe] => (Allow) C:program files (x86)samsungsamsung dexsamsungdex.exe (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)

FirewallRules: [TCP Query User{025857D6-0D11-4304-A51C-9FE293FAE1E1}C:program files (x86)image-linefl studio 20.5fl64.exe] => (Allow) C:program files (x86)image-linefl studio 20.5fl64.exe (Image-Line) [File not signed]

FirewallRules: [UDP Query User{89426827-F635-4C11-8708-5506D619F7F5}C:program files (x86)image-linefl studio 20.5fl64.exe] => (Allow) C:program files (x86)image-linefl studio 20.5fl64.exe (Image-Line) [File not signed]

FirewallRules: [TCP Query User{F533B2CE-C17A-48F1-8973-8D7509B464F2}C:program files (x86)image-linefl studio 20.5fl.exe] => (Allow) C:program files (x86)image-linefl studio 20.5fl.exe (Image-Line) [File not signed]

FirewallRules: [UDP Query User{F6338355-DF07-46D2-96D8-9962484EE1F6}C:program files (x86)image-linefl studio 20.5fl.exe] => (Allow) C:program files (x86)image-linefl studio 20.5fl.exe (Image-Line) [File not signed]

FirewallRules: [TCP Query User{765BA2B2-02B8-4613-8C49-11976A28EFDA}C:program files (x86)image-linefl studio 20.6fl64.exe] => (Allow) C:program files (x86)image-linefl studio 20.6fl64.exe (Image-Line) [File not signed]

FirewallRules: [UDP Query User{E4E4029B-19AE-4D0A-918C-DB7CFF777DAF}C:program files (x86)image-linefl studio 20.6fl64.exe] => (Allow) C:program files (x86)image-linefl studio 20.6fl64.exe (Image-Line) [File not signed]

FirewallRules: [TCP Query User{088CB2B5-2218-44E7-969C-C365C96DAA9F}C:program files (x86)image-linefl studio 20.6systemtoolsbridge32bitilbridge.exe] => (Allow) C:program files (x86)image-linefl studio 20.6systemtoolsbridge32bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{85731875-BBA3-4E89-BE72-357390DC8BE1}C:program files (x86)image-linefl studio 20.6systemtoolsbridge32bitilbridge.exe] => (Allow) C:program files (x86)image-linefl studio 20.6systemtoolsbridge32bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{2012B380-5368-4E7C-8C61-10D161380B1A}C:program files (x86)image-linefl studio 20.6systemtoolsbridge64bitilbridge.exe] => (Allow) C:program files (x86)image-linefl studio 20.6systemtoolsbridge64bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [UDP Query User{90020E1B-E06F-4DF2-A2B4-D6B029F1D626}C:program files (x86)image-linefl studio 20.6systemtoolsbridge64bitilbridge.exe] => (Allow) C:program files (x86)image-linefl studio 20.6systemtoolsbridge64bitilbridge.exe (Image Line -> Image-Line)

FirewallRules: [TCP Query User{0CF0F2BE-3ACF-4E06-8560-339A61D5295C}C:program files (x86)videolanvlcvlc.exe] => (Allow) C:program files (x86)videolanvlcvlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [UDP Query User{1ACD5E67-B46B-4D62-AD77-1AE870E90A40}C:program files (x86)videolanvlcvlc.exe] => (Allow) C:program files (x86)videolanvlcvlc.exe (VideoLAN -> VideoLAN)

FirewallRules: [{55CB3561-5311-4403-BC84-7F79742854B5}] => (Allow) C:UsersStudioAppDataRoamingZoombinZoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)

FirewallRules: [{2BC58EC1-14A2-4AA4-A99C-30D3D2A768C4}] => (Allow) C:Program FilesFocusriteFocusrite ControlServerControlServer.exe (Focusrite Audio Engineering Ltd.) [File not signed]

FirewallRules: [{BE674656-B9EA-48D4-A42A-E69C1A7C67CD}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex Media Server.exe (Plex, Inc. -> Plex, Inc.)

FirewallRules: [{51E97C3B-5AE2-49FB-BCE2-D05001F7C302}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlexScriptHost.exe (Plex, Inc. -> Python Software Foundation)

FirewallRules: [{DAAC9D49-0A3F-48ED-8361-91E6546BAB05}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex DLNA Server.exe (Plex, Inc. -> Plex, Inc.)

FirewallRules: [{8670C749-5931-4C55-ACE0-B4F43500B265}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex Tuner Service.exe (Plex, Inc. -> )

FirewallRules: [{417C3EB9-0A32-48A9-91C8-1DB4001ECCFE}] => (Allow) C:Program Files (x86)PlexPlex Media ServerPlex Game TranscoderPlex Game Transcoder.exe (Plex, Inc. -> )

DomainProfileAuthorizedApplications: [C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe] => Enabled:CodeMeter Runtime Server

StandardProfileAuthorizedApplications: [C:Program Files (x86)CodeMeterRuntimebinCodeMeter.exe] => Enabled:CodeMeter Runtime Server

 

==================== Restore Points =========================

 

ATTENTION: System Restore is disabled (Total:298.09 GB) (Free:34.77 GB) (12%)

 

==================== Faulty Device Manager Devices ============

 

Name: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)

Description: NVIDIA Virtual Audio Device (Wave Extensible) (WDM)

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: nvvad_WaveExtensible

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: NVIDIA High Definition Audio

Description: NVIDIA High Definition Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: NVHDA

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: DroidCam Source 3

Description: DroidCam Source 3

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: Dev47Apps.com

Service: DroidCamVideo

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: DroidCam Virtual Audio

Description: DroidCam Virtual Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: Dev47Apps.com

Service: DroidCam

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: Waves SoundGrid

Description: Waves SoundGrid

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: Waves Audio Ltd.

Service: SoundGridMIDI

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: NVIDIA High Definition Audio

Description: NVIDIA High Definition Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: NVHDA

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: NVIDIA High Definition Audio

Description: NVIDIA High Definition Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: NVHDA

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: Renesas Electronics USB 3.0 Host Controller

Description: Renesas Electronics USB 3.0 Host Controller

Class Guid: {36fc9e60-c465-11cf-8056-444553540000}

Manufacturer: Renesas Electronics

Service: nusb3xhc

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: NVIDIA High Definition Audio

Description: NVIDIA High Definition Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: NVIDIA

Service: NVHDA

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: VIA High Definition Audio

Description: VIA High Definition Audio

Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}

Manufacturer: VIA Technologies, Inc.

Service: VIAHdAudAddService

Problem: : This device is disabled. (Code 22)

Resolution: In Device Manager, click “Action”, and then click “Enable Device”. This starts the Enable Device wizard. Follow the instructions.

 

Name: Security Processor Loader Driver

Description: Security Processor Loader Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: spldr

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

 

==================== Event log errors: ========================

 

Could not start eventlog service, could not read events.

 

The Windows Event Log service is starting.

The Windows Event Log service could not be started.

 

A system error has occurred.

 

More help is available by typing NET HELPMSG 4201.

 

 

==================== Memory info =========================== 

 

BIOS: American Megatrends Inc. 1701 09/27/2012

Motherboard: ASUSTeK Computer INC. P7P55D-E LX

Processor: Intel® Xeon® CPU X3470 @ 2.93GHz

Percentage of memory in use: 34%

Total physical RAM: 16382.05 MB

Available physical RAM: 10674.08 MB

Total Virtual: 32762.24 MB

Available Virtual: 27661.71 MB

 

==================== Drives ================================

 

Drive c: (Windows 7) (Fixed) (Total:298.09 GB) (Free:34.77 GB) NTFS ==>[drive with boot components (obtained from BCD)]

Drive e: (SysRsrvd) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]

Drive f: (STORE N GO) (Removable) (Total:3.73 GB) (Free:0.08 GB) FAT32

Drive g: (Sessions) (Fixed) (Total:931.41 GB) (Free:55.15 GB) NTFS

Drive h: (2TB) (Fixed) (Total:1863.01 GB) (Free:139.01 GB) NTFS ==>[system with boot components (obtained from drive)]

 

 

==================== MBR & Partition Table ====================

 

==========================================================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: A5B517F3)

Partition 1: (Active) – (Size=100 MB) – (Type=07 NTFS)

Partition 2: (Not Active) – (Size=931.4 GB) – (Type=07 NTFS)

 

==========================================================

Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: EBB16864)

Partition 1: (Active) – (Size=1863 GB) – (Type=07 NTFS)

 

==========================================================

Disk: 2 (MBR Code: Windows 7/8/10) (Size: 298.1 GB) (Disk ID: A5B517EB)

Partition 1: (Active) – (Size=298.1 GB) – (Type=07 NTFS)

 

==========================================================

Disk: 4 (Size: 3.7 GB) (Disk ID: 6F20736B)

No partition Table on disk 4.

Disk 4 is a removable device.

 

==================== End of Addition.txt =======================

 

 

 

 




Original Source by [author_name]

Leave a Reply

Your email address will not be published. Required fields are marked *

+ eighty = eighty seven