Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

nasty virus deleted restore points, doesn’t let me run anti-malware


  • This topic is locked This topic is locked
33 replies to this topic

#1 vad777

vad777

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 18 July 2018 - 06:15 PM

got a nasty virus today on my audio and video editing computer. (Windows 7 64bit).
I think it deleted restore points and also doesnt let me run anti-malware.
I tried forcing system restore by pressing F8 but that was bringing up boot selection options only, no safe mode.
Created repair disk, but it cant find any restore points.
It also corrupted chrome browser, when I go into chrome ads pop up and all searches are done by yahoo even if I try google.

I dont want to reinstall windows becuase it will take me few days to reinstall all video and audio software and plugins.

Please help me how to remove this nasty virus or malware.

BC AdBot (Login to Remove)

 


#2 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,925 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:45 AM

Posted 18 July 2018 - 09:52 PM

Hello,

Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.

If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.


Edited by JSntgRvr, 19 July 2018 - 02:36 PM.

No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#3 vad777

vad777
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 18 July 2018 - 10:41 PM

Thank you. Will do.

#4 vad777

vad777
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 19 July 2018 - 02:57 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.07.2018
Ran by vm (administrator) on VM-PC (19-07-2018 15:54:58)
Running from C:\Users\vm\Downloads
Loaded Profiles: vm (Available Profiles: vm & Administrator & Guest)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 8 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(TOSHIBA CORPORATION) C:\Windows\System32\sbergdxsvc.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\Run: [pedaled] => C:\Program Files (x86)\semiprofessional\pedaled.exe [49435 2018-07-18] ()
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\Run: [bogosian] => C:\Program Files (x86)\Pillory\Academie.exe [400896 2018-07-18] ()
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\MountPoints2: J - J:\setup.exe
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\MountPoints2: {00da9b4a-8efc-11e0-9642-806e6f6e6963} - I:\atisetup.exe
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\MountPoints2: {2ce75e8d-a754-11e5-9737-e0cb4e26c6ba} - F:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\MountPoints2: {511841d3-1eb0-11e6-96fc-e0cb4e26c6ba} - I:\sources\setup.exe
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\MountPoints2: {634fb436-f03a-11e3-81a7-e0cb4e26c6ba} - D:\HPLauncher.exe
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\MountPoints2: {97d3e1e4-f5a3-11e2-885a-e1f9b7b788cd} - I:\LaunchU3.exe -a
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\MountPoints2: {cecad522-8efd-11e0-a94b-e0cb4e26c6ba} - "P:\WD SmartWare.exe" autoplay=true
IFEO\SYNSOPOS.exe: [Debugger] C:\Program Files (x86)\eLicenser\POS\SYNS0POS.exe
Startup: C:\Users\vm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\rwgchbec.lnk [2018-07-18]
ShortcutTarget: rwgchbec.lnk -> C:\Windows\System32\cmd.exe (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-2471529075-549776662-2202226941-1006\User: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{160E2FDC-F43D-430E-AE90-86FDCDBEE29E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{16D732DF-561A-49F4-BE56-4CD7A6B1108C}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{29547530-7A7D-4D83-94C3-D7B6D658BE6F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{2E63A97E-82AF-4A55-A5C7-92A6BE0AA6A2}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3D6209A4-B135-4544-8136-355813A4E4AA}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{4F16B1D1-071E-4BD3-9BB0-B1DA08E9EBA1}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{597FF591-9D1F-481D-A8EC-03FA81BD611B}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8BAAA41E-DB10-4594-A61E-B8B856C68D19}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{99C2EBB7-E53B-4F19-8359-E614205C1E0E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{A26F911B-CB48-4A49-9A71-4827319FC349}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{B4463BEC-D424-49C3-954B-6BFD72E1F91E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C194E5D5-1CA6-445B-A1B3-947071830D4E}: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{C4C1EED9-D514-4338-9505-7B39B18D1D0F}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CC3FDCC0-070E-419F-9483-3CC237724D44}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{DBB79468-7FE6-4183-8859-EB5022402162}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{E48B8CA0-7A14-44A0-BA03-850606972A65}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{FD8C0808-9032-4671-8E96-97E1FE05E879}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2471529075-549776662-2202226941-1000 -> DefaultScope {245449FF-3AC0-4122-809F-35E110E5E3CD} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-2471529075-549776662-2202226941-1000 -> {245449FF-3AC0-4122-809F-35E110E5E3CD} URL = hxxps://search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: No Name -> {1ff50165-9c1d-2400-07ab-2b338dac13c4} -> No File
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-10] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-10] (Oracle Corporation)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} -  No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-20] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-20] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\vm\AppData\Roaming\Mozilla\Firefox\Profiles\aqf8ood3.default [2018-07-19]
FF user.js: detected! => C:\Users\vm\AppData\Roaming\Mozilla\Firefox\Profiles\aqf8ood3.default\user.js [2013-06-20]
FF Homepage: Mozilla\Firefox\Profiles\aqf8ood3.default -> hxxps://www.google.com/
FF NewTab: Mozilla\Firefox\Profiles\aqf8ood3.default -> about:newtab
FF Extension: (No Name) - C:\Users\vm\AppData\Roaming\Mozilla\Firefox\Profiles\aqf8ood3.default\extensions\{b9bfaf1c-a63f-47cd-0829-29526ced3775}.xpi [not found]
FF SearchPlugin: C:\Users\vm\AppData\Roaming\Mozilla\Firefox\Profiles\aqf8ood3.default\searchplugins\yahoo-ysp.xml [2015-11-10]
FF Extension: (WebCompat Reporter) - C:\Program Files\Mozilla Firefox\browser\features\webcompat-reporter@mozilla.org.xpi [2018-07-03] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-10] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-10] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2471529075-549776662-2202226941-1000: @tools.google.com/Google Update;version=3 -> C:\Users\vm\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-2471529075-549776662-2202226941-1000: @tools.google.com/Google Update;version=9 -> C:\Users\vm\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
StartMenuInternet: FIREFOX.EXE - firefox.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKLM\SYSTEM\CurrentControlSet\Services\hrvpbaz <==== ATTENTION (Rootkit!)
"vdrv1000" => service was unlocked. <==== ATTENTION

S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-04-27] (Apple Inc.)
S4 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team)
S4 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-07-16] (AOMEI Tech Co., Ltd.) [File not signed]
S4 BotkindSyncService; C:\Program Files\Allway Sync\Bin\SyncService.exe [262144 2016-05-26] () [File not signed]
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2013-03-07] (CobianSoft, Luis Cobian) [File not signed]
S4 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [1369280 2016-03-29] (Disc Soft Ltd)
S4 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd)
S4 Focusrite Control Server; C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe [1335808 2018-03-16] (Focusrite Audio Engineering Ltd.) [File not signed]
S4 MBAMService-BackupByMalwarebytesPortable; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NIHostIntegrationAgent; C:\Program Files\Common Files\Native Instruments\Hardware\NIHostIntegrationAgent.exe [21007472 2017-12-06] (Native Instruments GmbH)
S3 nosGetPlusHelper; C:\Windows\System32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 nosGetPlusHelper; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S4 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [File not signed]
S3 Synchro Arts License Manager; C:\Program Files (x86)\Common Files\Synchro Arts Shared\License.exe [175488 2008-02-22] (Synchro Arts Ltd) [File not signed]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH)
S4 VC10SecS; C:\Program Files (x86)\Virtual CD v10\System\VC10SecS.exe [144712 2010-04-14] (H+H Software GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
S4 MBAMScheduler; "\mbamscheduler.exe" [X]
S4 MozillaMaintenance; no ImagePath
R2 PaceLicenseDServices; "C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe" -u https://activation.paceap.com/InitiateActivation [X] <==== ATTENTION
S2 YmNmY2MzODdiN2Q3; C:\Program Files\YmNmY2MzODdiN2Q3\OTU3OTk0NmFlNj.exe [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-26] () [File not signed]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2015-02-26] () [File not signed]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2015-02-26] () [File not signed]
S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16512 2002-07-17] (Adaptec) [File not signed]
S2 ATE_PROCMON; no ImagePath
R3 bomebus; C:\Windows\System32\DRIVERS\bomebus.sys [38616 2014-06-26] (Bome Software GmbH & Co. KG)
S3 CisUtMonitor; C:\Windows\System32\DRIVERS\CisUtMonitor.sys [54192 2017-01-13] (CrystalIdea Software)
S3 cpuz132; no ImagePath
S3 DrvSnSht; no ImagePath
R3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30264 2016-04-05] (Disc Soft Ltd)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-04-05] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-04-05] (Disc Soft Ltd)
S3 evserial7; C:\Windows\System32\DRIVERS\evserial7.sys [70752 2013-10-15] (ELTIMA Software)
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [127280 2013-09-25] (Focusrite Audio Engineering Limited.)
R3 FocusritePCIeSwRoot; C:\Windows\System32\DRIVERS\FocusritePCIeSwRoot.sys [88080 2016-11-09] (Focusrite Audio Engineering Ltd.)
S3 FocusriteUSB; C:\Windows\System32\DRIVERS\FocusriteUSB.sys [87056 2018-01-09] (Focusrite Audio Engineering Ltd.)
S3 FocusriteUSBAudio; C:\Windows\System32\drivers\FocusriteUSBAudio.sys [45072 2018-01-09] (Focusrite Audio Engineering Ltd.)
S3 FocusriteUSBMidi; C:\Windows\System32\drivers\FocusriteUSBMidi.sys [36880 2018-01-09] (Focusrite Audio Engineering Ltd.)
R3 FocusriteUSBSwRoot; C:\Windows\System32\DRIVERS\FocusriteUSBSwRoot.sys [88592 2018-01-09] (Focusrite Audio Engineering Ltd.)
S3 HH10Help.sys; C:\Windows\system32\drivers\HH10Help.sys [24088 2009-07-09] (H+H Software GmbH)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [55232 2018-07-18] ()
S4 hywnyut; C:\Windows\System32\drivers\bjffnb.sys [79064 2018-07-18] (Malwarebytes)
R3 iLokDrvr; C:\Windows\System32\DRIVERS\iLokDrvr.sys [25808 2017-12-01] ()
R3 iLokDrvr; C:\Windows\SysWOW64\DRIVERS\iLokDrvr.sys [27264 2005-01-12] (PACE Anti-Piracy, Inc.) [File not signed]
S3 ipMIDI; C:\Windows\System32\drivers\ipmidi.sys [23040 2011-05-15] (nerds.de)
S3 KORGUMDS; C:\Windows\System32\Drivers\KORGUM64.SYS [34136 2014-01-16] (KORG INC.)
S3 lm1394; C:\Windows\System32\DRIVERS\lm1394.sys [52864 2009-08-25] (Sintefex Audio Lda)
S3 MAFW; C:\Windows\System32\DRIVERS\mafw.sys [231944 2009-07-29] (Avid Technology, Inc.)
S3 MAFWPROFIRE; C:\Windows\System32\DRIVERS\MAudioProFire.sys [287240 2010-03-01] (Avid Technology, Inc.)
S3 MAUSBMICRO; C:\Windows\System32\DRIVERS\MAudioMicro.sys [187912 2009-09-03] (Avid Technology, Inc.)
U5 MBAMService; H:\Download Loops Here\Malwarebytes Anti-Malware Premium v2.2.1.1043 Portable by Foxx PortableAppZ\MalwarebytesPremiumPortable_2.2.1.1043-Rev4\App\Malwarebytes\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
S3 MFWAMIDI64; C:\Windows\System32\drivers\MFWAMIDI64.sys [34576 2015-07-14] (Mark of the Unicorn)
S3 MFWAWAVE64; C:\Windows\System32\drivers\MFWAWAVE64.sys [84752 2015-07-14] (Mark of the Unicorn)
R3 mlkumidi; C:\Windows\System32\drivers\mlkumidi.sys [55856 2014-08-30] (MusicLab, Inc.)
S3 MotuFWA64; C:\Windows\System32\drivers\Motufwa64.sys [656144 2015-07-14] (Mark of the Unicorn)
S3 MQ8DX; C:\Windows\System32\DRIVERS\mq8dx.sys [36536 2012-06-29] (Earth Vega Connection) [File not signed]
S3 MQ8DXDM; C:\Windows\System32\DRIVERS\mq8dxdm.sys [44216 2011-09-07] (Earth Vega Connection)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R3 nikkbdmidi; C:\Windows\System32\Drivers\nikkbdmidi.sys [335080 2014-06-26] (Native Instruments GmbH)
R3 nikkbdusb; C:\Windows\System32\DRIVERS\nikkbdusb.sys [81200 2014-06-26] (Native Instruments GmbH)
S3 NmPar; C:\Windows\System32\DRIVERS\NmPar.sys [95744 2010-07-09] (Windows ® Codename Longhorn DDK provider)
S3 paeusbaudio; C:\Windows\System32\DRIVERS\paeusbaudio_x64.sys [252280 2012-05-24] ()
S3 paeusbaudiodsp; C:\Windows\System32\DRIVERS\paeusbaudiodsp_x64.sys [71544 2012-05-24] ()
S3 paeusbaudioks; C:\Windows\System32\DRIVERS\paeusbaudioks_x64.sys [53112 2012-05-24] ()
S3 R-ImageDisk; no ImagePath
S3 rspLLL; C:\Windows\System32\DRIVERS\rspLLL64.sys [21560 2012-05-14] (Resplendence Software Projects Sp.)
R3 sonarworks_VirtualDevice; C:\Windows\System32\DRIVERS\sonarworks.sys [435392 2017-10-06] (Sonarworks)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [394296 2016-04-05] (Duplex Secure Ltd.)
S3 StnPport; C:\Windows\System32\DRIVERS\StnPport.sys [98816 2013-06-17] (ASIX Electronics Corp.)
R3 synusb64; C:\Windows\System32\DRIVERS\synusb64.sys [30352 2009-06-26] (Steinberg Media Technologies GmbH)
R3 tbwkern; C:\Windows\System32\DRIVERS\tbwkern.sys [32848 2011-06-13] ()
R0 Tpkd; C:\Windows\SysWow64\Drivers\Tpkd.sys [70048 2005-01-12] (PACE Anti-Piracy, Inc.) [File not signed]
R1 vdrv1000; C:\Windows\System32\Drivers\VDRV1000.SYS [223256 2010-03-25] (H+H Software GmbH)
R0 vidsflt58; C:\Windows\System32\DRIVERS\vsflt58.sys [142944 2013-02-15] (Acronis)
S3 VSBC7; C:\Windows\System32\DRIVERS\evsbc7.sys [34232 2013-10-15] (ELTIMA Software)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [73296 2013-10-08] (VMware, Inc.)
S3 x-usb_audio; C:\Windows\System32\DRIVERS\x-usb_audio_x64.sys [254464 2014-05-16] () [File not signed]
S3 x-usb_audioks; C:\Windows\System32\DRIVERS\x-usb_audioks_x64.sys [46080 2014-05-16] () [File not signed]
R3 xusb_audio; C:\Windows\System32\DRIVERS\xusb_audio.sys [275800 2017-05-09] (Thesycon Software Solutions GmbH & Co. KG)
R3 xusb_audioks; C:\Windows\System32\DRIVERS\xusb_audioks.sys [53080 2017-05-09] (Thesycon Software Solutions GmbH & Co. KG)
S3 YMIDUSBW; C:\Windows\System32\drivers\ymidusbx64.sys [43744 2015-07-28] (Yamaha Corporation)
S3 ysusb64; C:\Windows\System32\drivers\ysusb64.sys [147392 2016-04-11] (Yamaha Corporation)
U3 a77xgvv6; C:\Windows\System32\Drivers\a77xgvv6.sys [0 ] (H+H Software GmbH) <==== ATTENTION (zero byte File/Folder)
S4 bpzsmg; System32\drivers\wibgtoex.sys [X]
S3 firefaceu64; system32\drivers\fireface_usb_64.sys [X]
S3 kxwdmdrv; system32\drivers\kx.sys [X]
S3 MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [X]
S3 MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [X]
S3 motubus; system32\drivers\MotuBus64.sys [X]
S4 nvlddmkm; system32\DRIVERS\nvlddmkm.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R3 ycfilp; system32\drivers\filpsv.sys [X]
S1 YzNjMjMxZmU3NGI5N; system32\drivers\YzNjMjMxZmU3NGI5N.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2029-09-07 16:31 - 2029-09-07 16:31 - 000028714 _____ (EMC Software GmbH) C:\Windows\SysWOW64\codec.dat
2018-07-19 15:54 - 2018-07-19 15:55 - 000021746 _____ C:\Users\vm\Downloads\FRST.txt
2018-07-19 15:54 - 2018-07-19 15:54 - 000000000 ____D C:\FRST
2018-07-19 15:50 - 2018-07-19 15:50 - 000001107 _____ C:\Users\Public\Desktop\DriveImage XML.lnk
2018-07-19 15:50 - 2018-07-19 15:50 - 000000000 ____D C:\Program Files (x86)\Runtime Software
2018-07-19 15:50 - 2018-07-19 15:50 - 000000000 ____D C:\Program Files (x86)\Cobian Backup 11
2018-07-19 15:49 - 2018-07-19 15:49 - 019709440 _____ (Luis Cobian, CobianSoft) C:\Users\vm\Downloads\cbSetup.exe
2018-07-19 15:49 - 2018-07-19 15:49 - 002023440 _____ C:\Users\vm\Downloads\dixmlsetup.exe
2018-07-19 15:46 - 2018-07-19 15:46 - 002412544 _____ (Farbar) C:\Users\vm\Downloads\FRST64.exe
2018-07-18 20:01 - 2018-07-18 20:01 - 000145232 ____N C:\Windows\system32\Drivers\vsdbfilo.sys
2018-07-18 19:58 - 2018-07-18 19:58 - 000003842 _____ C:\Windows\system32\.crusader
2018-07-18 19:55 - 2018-07-18 20:00 - 000055232 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2018-07-18 19:55 - 2018-07-18 19:55 - 000000000 ____D C:\Program Files\HitmanPro
2018-07-18 19:48 - 2018-07-18 19:48 - 006625600 _____ (Zemana Ltd. ) C:\Users\vm\Downloads\Zemana.AntiMalware.Setup.exe
2018-07-18 19:45 - 2018-07-18 19:45 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-07-18 19:43 - 2018-07-18 19:44 - 075794344 _____ (Malwarebytes ) C:\Users\vm\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.5953.exe
2018-07-18 19:43 - 2018-07-18 19:44 - 011576808 _____ (SurfRight B.V.) C:\Users\vm\Downloads\hitmanpro_x64.exe
2018-07-18 19:39 - 2018-07-18 19:40 - 000000000 ____D C:\AdwCleaner
2018-07-18 19:39 - 2018-07-18 19:39 - 007417040 _____ (Malwarebytes) C:\Users\vm\Downloads\adwcleaner_7.2.2.exe
2018-07-18 17:20 - 2018-07-18 19:52 - 000000001 _____ C:\b5f6eartcs2r2lj
2018-07-18 17:07 - 2018-07-18 17:07 - 000000000 _____ C:\Windows\system32\OCL534D.tmp
2018-07-18 16:48 - 2018-07-18 16:48 - 000000000 _____ C:\Windows\system32\OCL4A86.tmp
2018-07-18 16:44 - 2018-07-18 16:44 - 000079064 _____ (Malwarebytes) C:\Windows\system32\Drivers\bjffnb.sys
2018-07-18 16:42 - 2018-07-19 15:48 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-07-18 16:42 - 2018-07-19 15:45 - 000000000 ____D C:\Users\vm\AppData\LocalLow\Mozilla
2018-07-18 16:42 - 2018-07-18 16:42 - 000313776 _____ (Mozilla) C:\Users\vm\Downloads\Firefox Installer.exe
2018-07-18 16:42 - 2018-07-18 16:42 - 000000884 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-07-18 16:42 - 2018-07-18 16:42 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-07-18 16:30 - 2018-07-18 16:30 - 000000000 _____ C:\Windows\system32\OCL40B7.tmp
2018-07-18 16:27 - 2018-07-18 16:27 - 000000000 _____ C:\Windows\system32\OCL5253.tmp
2018-07-18 16:22 - 2018-07-18 16:22 - 000000000 _____ C:\Windows\system32\OCL499D.tmp
2018-07-18 16:22 - 2018-07-18 16:22 - 000000000 _____ C:\Windows\system32\OCL46CF.tmp
2018-07-18 16:21 - 2018-07-18 19:52 - 000000000 ____D C:\Program Files\YmNmY2MzODdiN2Q3
2018-07-18 16:14 - 2018-07-18 16:14 - 000000000 ____D C:\Users\vm\AppData\Local\Windows
2018-07-18 16:10 - 2018-07-18 16:16 - 000000000 ____D C:\Users\vm\AppData\Local\auaxcon
2018-07-18 16:05 - 2018-07-18 16:05 - 000000000 ____D C:\VITSOFT
2018-07-18 16:04 - 2018-07-18 16:15 - 000000000 ____D C:\Users\vm\AppData\Local\cobexzp
2018-07-18 16:04 - 2018-07-18 16:04 - 000000000 ____D C:\Users\vm\AppData\Local\psihatb
2018-07-18 16:04 - 2018-06-19 07:57 - 000086248 _____ (360.cn) C:\Windows\SysWOW64\Drivers\360AvFlt.sys
2018-07-18 16:04 - 2016-05-05 15:23 - 001085624 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\HLvideo.dll
2018-07-18 16:04 - 2016-05-05 15:23 - 000561336 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\HLsplit.dll
2018-07-18 16:04 - 2016-05-05 15:23 - 000263864 __RSH (1f0.de - Hendrik Leppkes) C:\Windows\HLaudio.dll
2018-07-18 16:04 - 2011-06-14 22:05 - 000121344 __RSH C:\Windows\TAKDSDecoder.ax
2018-07-18 16:04 - 2010-11-20 08:16 - 000199680 _____ (Microsoft Corporation) C:\Windows\mpg2splt.ax
2018-07-18 16:04 - 2009-08-11 01:00 - 000352768 __RSH C:\Windows\ac3DX.ax
2018-07-18 16:04 - 2005-02-22 19:55 - 000081920 __RSH C:\Windows\aac_parser.ax
2018-07-18 16:04 - 2004-04-27 18:03 - 000017408 __RSH (RadLight) C:\Windows\RLOFRDec.ax
2018-07-18 16:03 - 2018-07-19 15:43 - 002912256 _____ (TOSHIBA CORPORATION) C:\Windows\system32\sbergdxsvc.exe
2018-07-18 16:03 - 2018-07-18 19:52 - 000000000 ____D C:\Program Files (x86)\Pillory
2018-07-18 16:03 - 2018-07-18 19:52 - 000000000 ____D C:\Program Files (x86)\impersonation
2018-07-18 16:03 - 2018-07-18 16:44 - 000000000 ____D C:\Program Files (x86)\aversa
2018-07-18 16:03 - 2018-07-18 16:44 - 000000000 ____D C:\Program Files (x86)\AirGrob
2018-07-18 16:03 - 2018-07-18 16:21 - 000000000 ____D C:\Program Files (x86)\360
2018-07-18 16:03 - 2018-07-18 16:04 - 000000012 _____ C:\Windows\b14878793
2018-07-18 16:03 - 2018-07-18 16:03 - 000003728 _____ C:\Windows\System32\Tasks\haymarket
2018-07-18 16:03 - 2018-07-18 16:03 - 000003552 _____ C:\Windows\System32\Tasks\haymarkethaymarket
2018-07-18 16:03 - 2018-07-18 16:03 - 000000012 ___SH C:\Windows\C8D416AC89EA
2018-07-18 16:03 - 2018-07-18 16:03 - 000000000 ___HD C:\Program Files (x86)\semiprofessional
2018-07-18 16:03 - 2018-07-18 16:03 - 000000000 ___HD C:\Program Files (x86)\Grog
2018-07-18 16:03 - 2018-07-18 16:03 - 000000000 ____D C:\Windows\SysWOW64\lmkopvw
2018-07-18 16:03 - 2018-07-18 16:03 - 000000000 ____D C:\Windows\system32\lmkopvw
2018-07-18 16:03 - 2018-07-18 16:03 - 000000000 ____D C:\Users\vm\AppData\Roaming\Python
2018-07-18 16:03 - 2018-07-18 16:03 - 000000000 ____D C:\Program Files (x86)\Gum
2018-07-18 16:02 - 2018-07-18 16:47 - 000000000 ____D C:\Users\vm\AppData\Roaming\WNetworkMgmt
2018-07-18 16:02 - 2018-07-18 16:02 - 000000034 _____ C:\Users\Public\Documents\{DE764086-1C0A-4DD3-90BA-0B93BDD794BE}
2018-07-18 16:02 - 2018-07-18 16:02 - 000000000 ____D C:\Users\vm\AppData\Roaming\et
2018-07-18 16:02 - 2016-05-05 15:23 - 000556216 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avutil-lav-55.dll
2018-07-18 16:02 - 2016-05-05 15:23 - 000537784 __RSH (FFmpeg Project) C:\Windows\SysWOW64\swscale-lav-4.dll
2018-07-18 16:02 - 2016-05-05 15:22 - 010766520 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avcodec-lav-57.dll
2018-07-18 16:02 - 2016-05-05 15:22 - 001699000 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avformat-lav-57.dll
2018-07-18 16:02 - 2016-05-05 15:22 - 000188088 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avfilter-lav-6.dll
2018-07-18 16:02 - 2016-05-05 15:22 - 000160440 __RSH (FFmpeg Project) C:\Windows\SysWOW64\avresample-lav-3.dll
2018-07-18 15:58 - 2018-07-18 15:59 - 065475785 _____ ( ) C:\Users\vm\Downloads\SUPERsetup.exe
2018-07-18 15:43 - 2018-07-18 15:43 - 000000000 ____D C:\Users\vm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VITSOFT
2018-07-18 15:43 - 2018-07-18 15:43 - 000000000 ____D C:\Program Files (x86)\VITSOFT
2018-07-18 15:26 - 2018-07-18 15:26 - 000000000 ____D C:\Program Files\Logitech
2018-07-18 15:22 - 2018-07-18 15:24 - 000000000 ____D C:\Users\vm\Desktop\NexusMpackNKS
2018-07-18 15:18 - 2018-07-18 15:18 - 000000000 ____D C:\Users\vm\Downloads\Arturia
2018-07-18 14:47 - 2018-07-18 14:47 - 002349313 _____ C:\Users\vm\Downloads\New Recording 5.m4a
2018-07-18 14:47 - 2018-07-18 14:47 - 002349313 _____ C:\Users\vm\Downloads\New Recording 5 (1).m4a
2018-07-18 14:40 - 2018-07-18 14:52 - 090825904 _____ C:\Users\vm\Downloads\l_Preset.rar
2018-07-18 14:15 - 2018-07-18 14:24 - 1287876569 _____ C:\Users\vm\Downloads\Syntronik_1.2.zip
2018-07-18 12:58 - 2018-07-18 12:58 - 000000000 ____D C:\Users\vm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AdWords Editor
2018-07-18 06:03 - 2018-07-18 06:03 - 000097110 _____ C:\Windows\uninstaller.dat
2018-07-18 05:14 - 2018-07-18 05:14 - 000400896 _____ C:\Users\vm\AppData\Local\Monitors.exe
2018-07-18 05:14 - 2018-07-18 05:14 - 000400896 _____ C:\Users\vm\AppData\Local\Academie.exe
2018-07-03 17:43 - 2018-07-03 17:43 - 000001054 _____ C:\Users\Public\Desktop\Controller Editor.lnk
2018-07-03 17:42 - 2018-07-03 17:42 - 041790248 _____ (Native Instruments ) C:\Users\vm\Downloads\Controller_Editor_170_Win (1).exe
2018-07-03 17:37 - 2018-07-03 17:37 - 000306928 _____ (Thesycon GmbH) C:\Users\vm\Downloads\dpclat.exe
2018-07-03 14:48 - 2018-07-03 14:48 - 041790248 _____ (Native Instruments ) C:\Users\vm\Downloads\Controller_Editor_170_Win.exe
2018-07-03 14:48 - 2018-07-03 14:48 - 005324392 _____ (Native Instruments ) C:\Users\vm\Downloads\Komplete_Kontrol_Driver_Setup_Win.exe
2018-07-03 14:48 - 2018-07-03 14:48 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_nikkbdusb_01011.Wdf
2018-07-02 20:02 - 2018-07-02 20:02 - 000000000 ____D C:\Users\vm\AppData\Local\Apple Inc
2018-07-02 19:53 - 2018-07-02 19:53 - 000359656 _____ (Microsoft Corporation) C:\Users\vm\Downloads\msicuu2.exe
2018-07-02 19:53 - 2018-07-02 19:53 - 000002839 _____ C:\Users\vm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Install Clean Up.lnk
2018-07-02 19:53 - 2018-07-02 19:53 - 000000000 ____D C:\Program Files (x86)\Windows Installer Clean Up
2018-07-02 19:39 - 2018-07-02 19:40 - 160385336 _____ (Apple Inc.) C:\Users\vm\Downloads\iCloudSetup.exe
2018-07-02 19:36 - 2018-07-02 19:37 - 134650184 _____ (Apple Inc.) C:\Users\vm\Downloads\iTunes64Setup (1).exe
2018-07-02 19:29 - 2018-07-02 19:31 - 272259912 _____ (Apple Inc.) C:\Users\vm\Downloads\iTunes64Setup.exe
2018-07-02 19:27 - 2018-07-02 19:27 - 000000000 ____D C:\Windows\System32\Tasks\Apple
2018-07-02 19:27 - 2018-07-02 19:27 - 000000000 ____D C:\Program Files (x86)\Apple Software Update
2018-07-02 19:23 - 2018-07-02 19:23 - 000000000 ____D C:\Users\vm\AppData\Local\Apple

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-19 15:54 - 2009-07-13 22:34 - 038797312 _____ C:\Windows\system32\config\HARDWARE
2018-07-19 15:49 - 2009-07-14 00:45 - 000016352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-07-19 15:49 - 2009-07-14 00:45 - 000016352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-07-19 15:43 - 2009-07-14 01:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-07-18 19:58 - 2017-01-16 15:19 - 000000000 ____D C:\Windows\AutoKMS
2018-07-18 19:52 - 2016-04-05 01:56 - 000000000 ____D C:\Program Files\DAEMON Tools Pro
2018-07-18 19:52 - 2014-08-13 15:20 - 000000000 ____D C:\Program Files (x86)\Eminence
2018-07-18 19:51 - 2012-08-21 20:24 - 000000000 ____D C:\Users\vm\AppData\Local\Google
2018-07-18 19:44 - 2018-05-08 14:33 - 000001827 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-07-18 17:11 - 2011-10-16 13:41 - 000000000 ____D C:\Windows\pss
2018-07-18 17:11 - 2011-06-29 18:51 - 000000336 _____ C:\Windows\system32\w3data.vss
2018-07-18 17:11 - 2011-06-29 18:51 - 000000336 _____ C:\Windows\system32\msvcsv60.dll
2018-07-18 17:11 - 2011-06-18 12:21 - 000000336 _____ C:\Users\vm\AppData\Roaming\msregsvv.dll
2018-07-18 17:11 - 2011-06-04 21:30 - 000000416 _____ C:\Windows\msocreg32.dat
2018-07-18 17:05 - 2009-07-14 01:13 - 000006456 _____ C:\Windows\system32\PerfStringBackup.INI
2018-07-18 16:49 - 2015-06-13 23:21 - 000000000 ____D C:\Users\vm\Documents\Ample Sound
2018-07-18 16:49 - 2013-07-23 13:48 - 000000000 ____D C:\Users\vm\AppData\Roaming\Ample Sound
2018-07-18 16:47 - 2012-08-21 20:23 - 000000258 __RSH C:\Users\vm\ntuser.pol
2018-07-18 16:47 - 2011-06-04 18:52 - 000000000 ____D C:\Users\vm
2018-07-18 16:42 - 2011-06-06 00:18 - 000000000 ____D C:\Users\vm\AppData\Roaming\Mozilla
2018-07-18 16:41 - 2015-11-02 23:52 - 000002285 _____ C:\Users\Administrator\Desktop\Google Chrome.lnk
2018-07-18 16:34 - 2013-04-09 00:58 - 000000000 ____D C:\Program Files (x86)\eRightSoft
2018-07-18 16:31 - 2016-07-05 18:31 - 000000258 _____ C:\Windows\Tasks\{79E0D747-954A-3808-F527-3E0E4315B31C}.job
2018-07-18 16:22 - 2015-07-03 13:23 - 000000000 ____D C:\Users\vm\AppData\Local\CrashDumps
2018-07-18 16:03 - 2009-07-13 23:20 - 000000000 ___HD C:\Windows\system32\GroupPolicy
2018-07-18 16:03 - 2009-07-13 22:34 - 000002321 _____ C:\Windows\system32\Drivers\etc\hosts.BackupByMalwarebytesPortable
2018-07-18 16:02 - 2018-04-11 10:25 - 000000000 ____D C:\Program Files\FocusriteUSB
2018-07-18 15:37 - 2016-03-30 17:28 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-07-18 15:27 - 2015-08-03 21:10 - 000000000 ____D C:\Users\vm\AppData\Local\Deployment
2018-07-18 15:25 - 2011-06-04 19:42 - 000000000 ____D C:\Windows\Panther
2018-07-18 15:21 - 2015-09-29 19:37 - 000000130 _____ C:\Users\vm\Documents\AddictiveDrumsLog.txt
2018-07-18 15:20 - 2011-06-04 22:01 - 000000000 ____D C:\Users\vm\AppData\Local\Spectrasonics
2018-07-18 15:19 - 2017-12-13 16:36 - 000000000 ____D C:\Users\vm\Documents\Sonarworks Projects
2018-07-18 15:19 - 2015-12-23 15:01 - 000000000 ____D C:\Users\vm\AppData\Roaming\ViberPC
2018-07-18 15:19 - 2015-05-07 23:36 - 000000000 ____D C:\Program Files\Common Files\Apple
2018-07-18 15:19 - 2011-06-13 00:58 - 000000000 ____D C:\Users\vm\AppData\Roaming\Apple Computer
2018-07-18 15:17 - 2014-06-12 16:06 - 000000000 ____D C:\Users\vm\Documents\Addictive Drums 2 Logs
2018-07-18 15:14 - 2015-12-23 15:02 - 000000000 ____D C:\Users\vm\Documents\ViberDownloads
2018-07-18 14:32 - 2011-06-27 22:41 - 000000000 ____D C:\Program Files\Common Files\VST3
2018-07-18 14:31 - 2014-08-07 13:45 - 000000000 ____D C:\Program Files\IK Multimedia
2018-07-18 14:31 - 2011-06-17 23:47 - 000000000 ____D C:\Users\vm\Documents\IK Multimedia
2018-07-03 14:48 - 2011-06-04 20:25 - 000000000 ____D C:\Program Files\Native Instruments
2018-07-03 14:48 - 2009-07-13 23:20 - 000000000 ____D C:\Windows\inf
2018-07-02 19:53 - 2016-04-15 17:16 - 000000000 ____D C:\Program Files (x86)\MSECache
2018-07-02 19:49 - 2011-06-05 17:46 - 000000000 ____D C:\Users\vm\AppData\Local\Apple Computer
2018-07-02 19:24 - 2013-08-10 22:55 - 000000000 ____D C:\Program Files (x86)\QuickTime
2018-06-19 14:09 - 2017-12-01 17:25 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys

==================== Files in the root of some directories =======

2011-05-10 01:12 - 2011-05-10 01:12 - 000009847 _____ () C:\Program Files (x86)\License Agreement.rtf
2011-05-10 01:12 - 2011-05-10 01:12 - 000001056 _____ () C:\Program Files (x86)\Plug-In Setup Help.txt
2011-07-17 01:31 - 2011-07-17 01:31 - 000001850 _____ () C:\Program Files (x86)\setuplog.txt
2015-11-16 21:24 - 2009-11-05 10:50 - 009535488 _____ (Softube) C:\Program Files (x86)\Tube Delay.dll
2012-09-16 21:55 - 2012-09-16 21:55 - 000083505 _____ () C:\Program Files (x86)\Uninstal.exe
2011-07-17 01:31 - 2011-07-17 01:31 - 000003286 _____ () C:\Program Files (x86)\uninstal.log
2011-05-09 20:01 - 2011-05-09 20:01 - 000380337 _____ () C:\Program Files (x86)\Voxengo Elephant User Guide en.pdf
2011-05-09 20:03 - 2011-05-09 20:03 - 000798681 _____ () C:\Program Files (x86)\Voxengo Primary User Guide en.pdf
2011-05-10 01:12 - 2011-05-10 01:12 - 000003857 _____ () C:\Program Files (x86)\whatsnew.txt
2011-10-24 23:56 - 2011-10-24 23:56 - 000000000 ____H () C:\Users\vm\AppData\Roaming\.829731523E818710.sys
2014-01-11 18:20 - 2017-04-21 15:29 - 000000633 _____ () C:\Users\vm\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-06-18 13:07 - 2015-12-20 01:47 - 000000056 _____ () C:\Users\vm\AppData\Roaming\MOTU FireWire SMPTE Prefs.prefs
2011-06-18 12:21 - 2018-07-18 17:11 - 000000336 _____ () C:\Users\vm\AppData\Roaming\msregsvv.dll
2012-08-21 18:43 - 2012-08-21 18:44 - 000000120 _____ () C:\Users\vm\AppData\Roaming\syslogs
2009-07-13 16:46 - 2009-06-10 17:23 - 001169224 _____ (Microsoft Corporation) C:\Users\vm\AppData\Roaming\WH4O9FKJ5T.exe
2018-07-18 05:14 - 2018-07-18 05:14 - 000400896 _____ () C:\Users\vm\AppData\Local\Academie.exe
2018-07-18 05:14 - 2018-07-18 05:14 - 000400896 _____ () C:\Users\vm\AppData\Local\Monitors.exe
2013-02-16 17:56 - 2013-02-16 20:48 - 000007622 _____ () C:\Users\vm\AppData\Local\resmon.resmoncfg
2011-06-27 22:47 - 2011-06-27 22:47 - 000017408 _____ () C:\Users\vm\AppData\Local\WebpageIcons.db
2015-05-04 14:02 - 2015-05-04 14:02 - 000000000 _____ () C:\Users\vm\AppData\Local\{6451559C-5EEE-445A-993B-7D1D2FF6EEA9}
2015-08-16 21:15 - 2015-08-16 21:15 - 000000000 _____ () C:\Users\vm\AppData\Local\{7F9F5914-45A6-43E1-83BB-2CADFE743077}
2015-06-22 20:08 - 2015-06-22 20:08 - 000000000 _____ () C:\Users\vm\AppData\Local\{FE7A5212-74BD-4678-9AAE-F6327EAFF456}

Files to move or delete:
====================
C:\Windows\Tasks\{79E0D747-954A-3808-F527-3E0E4315B31C}.job


Some files in TEMP:
====================
2016-04-07 21:21 - 2016-04-07 21:22 - 059162424 _____ () C:\Users\Administrator\AppData\Local\Temp\playstv_patch.exe
2018-07-18 16:02 - 2018-07-18 16:03 - 078346824 _____ () C:\Users\vm\AppData\Local\Temp\360TS_Setup_EN_CPI001_10.0.0.1104.exe
2017-12-20 17:56 - 2017-12-20 17:56 - 003221400 _____ () C:\Users\vm\AppData\Local\Temp\3c599bd1-9aca-43e6-8461-c83f73bb9dae.exe
2017-12-20 18:03 - 2017-12-20 18:03 - 003221400 _____ () C:\Users\vm\AppData\Local\Temp\85cdc8e1-2678-4032-a669-58330b33c0b4.exe
2016-03-30 02:39 - 2016-03-30 02:33 - 000023040 _____ () C:\Users\vm\AppData\Local\Temp\BVTX-VCI-RT.dll
2016-08-23 04:46 - 2016-05-11 21:54 - 000312320 _____ (TODO: <公司名>) C:\Users\vm\AppData\Local\Temp\J2534Tool.exe
2018-06-27 16:03 - 2018-06-27 16:03 - 000546952 _____ (Logitech) C:\Users\vm\AppData\Local\Temp\LDeviceInstaller.exe
2018-01-05 12:32 - 2018-06-18 13:47 - 000058760 _____ (Logitech Inc.) C:\Users\vm\AppData\Local\Temp\LogiOptionsfileUninstaller.exe
2018-03-09 13:14 - 2018-06-18 13:57 - 000259304 _____ (Logitech Inc.) C:\Users\vm\AppData\Local\Temp\LogiOptionsUninstaller.exe
2017-12-20 17:56 - 2017-12-20 18:03 - 000455328 _____ (Microsoft Corporation) C:\Users\vm\AppData\Local\Temp\msvcp120.dll
2017-12-20 17:56 - 2017-12-20 18:03 - 000970912 _____ (Microsoft Corporation) C:\Users\vm\AppData\Local\Temp\msvcr120.dll
2015-07-31 09:51 - 2015-07-31 09:51 - 000202928 ____R (Microsoft Corporation) C:\Users\vm\AppData\Local\Temp\ose00000.exe
2015-11-05 06:29 - 2016-01-26 02:42 - 000341504 _____ (ALLSCANNER) C:\Users\vm\AppData\Local\Temp\PDU.dll
2017-04-14 17:17 - 2017-07-21 11:58 - 000010752 _____ () C:\Users\vm\AppData\Local\Temp\PlaySound.dll
2018-06-27 16:03 - 2018-06-27 16:03 - 004139656 _____ (Logitech, Inc.) C:\Users\vm\AppData\Local\Temp\PlugInInstallerUtility.exe
2018-06-27 16:03 - 2018-06-27 16:03 - 002663560 _____ (Logitech, Inc.) C:\Users\vm\AppData\Local\Temp\PlugInInstallLib.dll
2017-12-01 17:23 - 2017-11-02 13:05 - 078346672 _____ (Malwarebytes                                                ) C:\Users\vm\AppData\Local\Temp\Setup.exe
2017-12-20 17:56 - 2017-12-20 18:03 - 000068096 _____ () C:\Users\vm\AppData\Local\Temp\SonarworksLicensingCLI.dll
2017-12-20 17:56 - 2017-12-20 18:03 - 000247984 _____ (Microsoft Corporation) C:\Users\vm\AppData\Local\Temp\vccorlib120.dll
2014-09-29 06:52 - 2016-02-01 03:00 - 000052736 _____ () C:\Users\vm\AppData\Local\Temp\VCX.dll
2014-09-29 06:52 - 2017-06-20 03:31 - 000069632 _____ () C:\Users\vm\AppData\Local\Temp\VCXPT32.dll
2017-08-05 17:10 - 2011-06-04 20:19 - 000455600 _____ (Macrovision Corporation) C:\Users\vm\AppData\Local\Temp\_isA834.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
C:\Windows\system32\drivers\vsdbfilo.sys -> Access Denied <======= ATTENTION

LastRegBack: 2018-07-18 12:45

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.07.2018
Ran by vm (19-07-2018 15:55:17)
Running from C:\Users\vm\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2011-06-04 22:48:03)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

9FEFEF28296F4C8C8340 (S-1-5-21-2471529075-549776662-2202226941-1006 - Limited - Enabled)
A1B16BD01EAD48C0A26A (S-1-5-21-2471529075-549776662-2202226941-1008 - Limited - Enabled)
Administrator (S-1-5-21-2471529075-549776662-2202226941-500 - Administrator - Disabled) => C:\Users\Administrator
Guest (S-1-5-21-2471529075-549776662-2202226941-501 - Limited - Disabled) => C:\Users\Guest
vm (S-1-5-21-2471529075-549776662-2202226941-1000 - Administrator - Enabled) => C:\Users\vm

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2.5.3 (HKLM\...\SWAM Soprano Sax_is1) (Version: 2.5.3 64bit - Samplemodeling)
2.5.3 (HKLM\...\SWAM The Soprano and Bass Clarinets_is1) (Version: 2.5.3 64bit - Samplemodeling)
8 Port SE DirectMusic 64 bit driver (HKLM\...\mq8-dx) (Version:  - )
AAS - Lounge Lizard EP-4 (HKLM-x32\...\Lounge Lizard EP-4) (Version:  - Applied Acoustics Systems)
Ableton Live 9 Suite (HKLM\...\{11DF5764-52FF-4149-8B65-FB4D721975C9}) (Version: 9.0.0.0 - Ableton)
Acon Digital Multiply (64 bit) 1.1.1 (HKLM\...\{A5E784FC-ABB8-486F-8740-6550BFB4CC6D}_is1) (Version: 1.1.1 - Acon AS)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
AdWords Editor (HKLM-x32\...\{6409F3DE-8611-11E8-9A33-DC4A3E998CF6}) (Version: 12.4.2.0 - Google)
Allen Morgan Avatar Presets (HKLM-x32\...\{4AFDFB53-C8D0-4DFE-BBC1-6E8BB2694FDC}) (Version: 1.0.0 - Toontrack)
Allen Morgan Avatar Presets 2 (HKLM-x32\...\{9B05180C-62FA-4745-9FC2-8BBE7EC6FFD4}) (Version: 1.0.0 - Toontrack)
Allway Sync version 16.0.1 (HKLM\...\Allway Sync_is1) (Version:  - Botkind Inc)
Alternative Rock EZmix pack (HKLM-x32\...\{1C5A2ABB-E75E-41CC-A243-DE1FBD81687A}) (Version: 1.0.0 - Toontrack)
Ample Bass J II version 2.3.0 (HKLM-x32\...\{04C42F03-37A2-481A-8D1B-9F03164B23CA}_is1) (Version: 2.3.0 - Ample Sound Technology Co., Ltd.)
Ample Bass P version 1.1.0 (HKLM-x32\...\{9E12DB30-0896-11E4-9191-0800200C9A66}_is1) (Version: 1.1.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar F II version 2.0.2 (HKLM-x32\...\{26ABCDDF-80B4-409D-B169-400C54E6E1C0}_is1) (Version: 2.0.2 - Ample Sound Technology Co., Ltd.)
Ample Guitar M II version 2.3.0 (HKLM-x32\...\{DBBA77E4-611C-4633-AC13-96A6598AF746}_is1) (Version: 2.3.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar T II Extension 1 (Finger) version 2.1.0 (HKLM-x32\...\Ample Guitar T II Extension 1 (Finger)_is1) (Version: 2.1.0 - Ample Sound Technology Co., Ltd.)
Ample Guitar T II version 2.1.0 (HKLM-x32\...\{548F88E8-79D2-441F-B87B-E71754257651}_is1) (Version: 2.1.0 - Ample Sound Technology Co., Ltd.)
AmpliTube 4 version 4.3.0 (HKLM\...\{21B0C8E0-7EB7-4832-B764-20A7DAE86E02}_is1) (Version: 4.3.0 - IK Multimedia)
Analog Channel (HKLM-x32\...\{7E6941CA-15B4-4AC5-A54D-2A1C739323B6}) (Version: 2.6.4 - McDSP)
Analog Channel (HKLM-x32\...\{F972AAC6-5E7D-4B0E-B54A-CCEF1788E1B5}) (Version: 2.6.4 - McDSP) Hidden
Andy Sneap Metal Foundry Presets (HKLM-x32\...\{30D0766D-5556-439F-9B1C-BFE5A2B78E56}) (Version: 1.0.0 - Toontrack)
Antares Auto-Tune Evo VST (HKLM-x32\...\{FFF74EC9-1FF4-4456-99E3-4F05129F4FAB}) (Version: 6.00.0009 - Antares Audio Technologies)
Antares AVOX Evo VST RTAS v3.0.2 (HKLM-x32\...\Antares AVOX Evo VST RTAS_is1) (Version:  - )
Antares Harmony Engine VST RTAS v1.0 (HKLM-x32\...\Antares Harmony Engine VST RTAS_is1) (Version:  - Team AiR 2007)
Antares Microphone Modeler DX v1.32 (HKLM-x32\...\Antares Microphone Modeler DX v1.32) (Version:  - )
AnyToISO (HKLM-x32\...\AnyToISO_is1) (Version: 3.3 - CrystalIdea Software, Inc.)
AOMEI Backupper Standard (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536C09F}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (32-bit) (HKLM-x32\...\{C56BA005-F02C-461B-ACA5-A0CE3E32578F}) (Version: 6.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{C8087B7C-8496-45BE-92FB-91D31EB73969}) (Version: 6.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{64695C4A-C68F-46B5-A734-50EBF124A68E}) (Version: 11.3.3.4 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
Applied Acoustics Lounge Lizard EP VSTi DXi v3.0 (HKLM-x32\...\Applied Acoustics Lounge Lizard EP VSTi DXi v3.0) (Version:  - )
Applied Acoustics Systems - Strum Acoustic GS-1 v1.0 (HKLM-x32\...\Strum Acoustic GS-1) (Version:  - )
ARC System (HKLM-x32\...\{5F9D5D04-C756-4B4A-9ADF-37F7D8EB1E87}) (Version: 1.1.2 - IK Multimedia)
ARC System 2 version 2.5.0 (HKLM\...\{4952A610-D484-4F6A-B1B4-33797CFDB821}_is1) (Version: 2.5.0 - IK Multimedia)
ARIA Engine v1.9.1.6 (HKLM\...\ARIA Engine_is1) (Version: v1.9.1.6 - Plogue Art et Technologie, Inc)
Arturia Musical Instruments (HKLM-x32\...\ArturiaMusicalInstruments1_is1) (Version:  - Arturia)
Arturia V Collection 5 (HKLM-x32\...\Arturia V Collection 5) (Version: 5.0.2 - Arturia)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Audified MixChecker (HKLM\...\MixChecker_is1) (Version: 1.1.0 - Audified)
Audio Bro LA Scoring Strings (HKLM\...\{a085b9f2-e343-4e48-8d4b-e766a66340bc}) (Version: 1.0.0.001 - Audio Bro) Hidden
Audio Bro LA Scoring Strings (HKLM-x32\...\Audio Bro LA Scoring Strings) (Version:  - Audio Bro)
AudioRealism ABL3 (HKLM\...\ABL3_is1) (Version: 3.0.5 - AudioRealism)
Auto-Align version 1.5.1 (HKLM\...\{DE9138DF-EA9A-499F-B7EB-F07BF4E334C8}_is1) (Version: 1.5.1 - Sound Radix)
Avid DINR (HKLM-x32\...\{C85F8F37-A9D1-40C5-B183-C0FA325D525F}) (Version: 10.0.0 - Avid Technology, Inc.)
Avid Effects (HKLM-x32\...\{A86F1158-A7F7-4E8C-98E3-88F4996E85EB}) (Version: 10.3 - Avid Technology, Inc.)
Avid HEAT (HKLM-x32\...\{82C04FF2-7662-4F8E-B6BE-85B40520AE6A}) (Version: 10.2.0 - Avid Technology, Inc.)
Avid Smack! (HKLM-x32\...\{B5F51B00-C618-4A70-8450-C0415C87DC79}) (Version: 10.2.0 - Avid Technology, Inc.)
Avid Sound Replacer (HKLM-x32\...\{F2138E64-6D9C-4080-84B5-C4A61EE32AED}) (Version: 10.0.0 - Avid Technology, Inc.)
Avid TL Space Native (HKLM-x32\...\{2EC7370E-7334-477E-BA15-5258F7FAC635}) (Version: 10.0.0 - Avid Technology, Inc.)
Awave Studio v10.1 (HKLM-x32\...\Awave Studio_is1) (Version:  - FMJ-Software)
Basic FX Suite (HKLM\...\{C22B4160-10E1-409E-9407-B643D5000AF5}) (Version: 1.0.1 - Yamaha Corporation) Hidden
Basic FX Suite (HKLM-x32\...\InstallShield_{C22B4160-10E1-409E-9407-B643D5000AF5}) (Version: 1.0.1 - Yamaha Corporation)
BBE Sonic Sweet Bundle VST RTAS v1.1 (HKLM-x32\...\BBE Sonic Sweet Bundle VST RTAS_is1) (Version:  - )
BBE StompWare Bundle VST RTAS v1.0 (HKLM-x32\...\BBE StompWare Bundle VST RTAS_is1) (Version:  - )
Belkin USB Wireless Adapter (HKLM-x32\...\{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.13 - Belkin) Hidden
Belkin USB Wireless Adapter (HKLM-x32\...\InstallShield_{549CE1BD-88E4-4C5E-BF75-B155624714CC}) (Version: 1.0.0.13 - Belkin)
Best Service Artist Grooves (HKLM-x32\...\Best Service Artist Grooves) (Version:  - )
BOM eLicenser (HKLM-x32\...\{FEF0DA2A-8B61-4B6B-A3D2-508EDF7B6376}) (Version: 6.1.0 - Steinberg Media Technology GMBH)
Bome Virtual MIDI 2.0.0.38 (HKLM\...\BMIDI_Driver1.0.0.11_is1) (Version:  - Bome Software GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Brainworx BX Digital VST RTAS v2.0.2 (HKLM-x32\...\Brainworx BX Digital VST RTAS_is1) (Version:  - )
Brainworx BX XL Mastering Limiter VST RTAS v1.0 (HKLM-x32\...\Brainworx BX XL Mastering Limiter_is1) (Version:  - )
Brainworx bx_saturator v1.0.3 (HKLM\...\Brainworx bx_saturator_is1) (Version:  - )
Brass 2.0.1 (HKLM-x32\...\Brass 2.0.1_is1) (Version:  - Arturia)
Camtasia Studio 8 (HKLM-x32\...\{1B57499B-1BEB-426A-A406-D9D004A1D2CE}) (Version: 8.5.0.1954 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform)
CDXtract 4.5 (HKLM-x32\...\CDXTRACT 4.5_is1) (Version:  - CDXTRACT.COM)
Celemony Melodyne Plugin VST RTAS v1.0 (HKLM-x32\...\Celemony Melodyne Plugin_is1) (Version:  - )
Celemony Melodyne Studio 4 (HKLM\...\Melodyne Studio 4_is1) (Version: 4.1.0.001 - Celemony)
Channel G (HKLM-x32\...\{A581D088-F0C7-417E-B060-7F800F8E05F8}) (Version: 1.2.4 - McDSP) Hidden
Channel G (HKLM-x32\...\{EF15D5CD-45A8-4551-92BB-65F918659C46}) (Version: 1.2.4 - McDSP)
Chicken Systems Translator Pro v2.9.0.123 (HKLM-x32\...\Chicken Systems Translator Pro_is1) (Version:  - )
Chrome Tone (HKLM-x32\...\{08505163-1986-42E1-A9B8-6568022CF4E6}) (Version: 1.4.4 - McDSP)
Chrome Tone (HKLM-x32\...\{B41330FD-DAA4-4E9E-869B-3030258EE3D7}) (Version: 1.4.4 - McDSP) Hidden
Chuck Ainlay EZmix pack (HKLM-x32\...\{0B98C1CA-9114-4D27-BC0F-32D8F63CB809}) (Version: 1.0.0 - Toontrack)
CMI V (HKLM\...\CMI V_is1) (Version: 1.0.3.1244 - Arturia & Team V.R)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
CompressorBank (HKLM-x32\...\{C1EBE4D0-D8E6-49DE-BEE0-F4D5EDFC3784}) (Version: 3.6.4 - McDSP)
CompressorBank (HKLM-x32\...\{D3D891E2-322A-4F6D-904B-A0BF684E71AB}) (Version: 3.6.4 - McDSP) Hidden
CoyoteWT 1.1 (HKLM-x32\...\CoyoteWT_is1) (Version:  - Coyote Electronics Inc.)
CPUID CPU-Z 1.61.3 (HKLM\...\CPUID CPU-Z_is1) (Version:  - ) <==== ATTENTION
CPUID HWMonitor 1.28 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
CPUID HWMonitor Pro 1.18 (HKLM\...\CPUID HWMonitorPro_is1) (Version:  - )
CS-80V2 2.0 (HKLM-x32\...\CS-80V2_is1) (Version:  - Arturia)
CSR (HKLM-x32\...\{648C1BFD-6A70-46D8-B855-F84D95C2DC34}) (Version: 1.1.0 - IK Multimedia)
Custom Shop version 1.7.0 (HKLM-x32\...\{21BAD046-50EC-49E2-BE7B-F9729704F2C3}_is1) (Version: 1.7.0 - IK Multimedia)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro 7.1.0.0595 (HKLM\...\DAEMON Tools Pro_is1) (Version: 7.1.0.0595 - l-rePack®)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
Data Lifeguard Diagnostic for Windows 1.27 (HKLM-x32\...\{519C4DB6-B53B-4F5C-8297-89B2BE949FA5}_is1) (Version:  - Western Digital Corporation)
Device Programmer Desktop (HKLM-x32\...\{4802F8E5-3321-11D6-8494-008048C6ADC0}) (Version: 4.5.0 - DB Software)
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Digidesign Music Production Toolkit 7.4 (HKLM-x32\...\{487807C8-1FE9-45D5-A1F2-593C78D2DFDD}) (Version: 7.4 - Digidesign, A Division of Avid Technology, Inc.)
Disc Makers Master Uploader App (HKLM-x32\...\Disc Makers Master Uploader App) (Version:  - Sonoris Audio Engineering)
discoDSP Discovery Pro (HKLM-x32\...\discoDSP Discovery Pro R6.4.3_is1) (Version: 6.4.3 - )
DMGAudio EQuality 1.25 (HKLM-x32\...\DMGAudio EQuality_is1) (Version:  - DMGAudio)
DMGAudio EQuilibrium 1.04 (HKLM-x32\...\DMGAudio EQuilibrium_is1) (Version:  - DMGAudio)
DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.60.000 - Runtime Software)
Drum Leveler version 1.1.1 (HKLM\...\{94B8FDA3-877B-4EB8-A3E9-5D476329F15D}_is1) (Version: 1.1.1 - Sound Radix)
Drumazon (HKLM-x32\...\{BC975AF9-0C87-4361-8F4B-FBEF2FC7B3A9}) (Version: 1.0.0.0 - D16 Group Audio Software)
EAGLE 6.6.0 (HKLM-x32\...\EAGLE 6.6.0) (Version: 6.6.0 - CadSoft Computer GmbH)
East West Colossus (HKLM-x32\...\East West Colossus) (Version:  - )
East West EWQLSO Gold Edition (HKLM-x32\...\East West EWQLSO Gold Edition) (Version:  - )
East West Ra (HKLM-x32\...\East West Ra) (Version:  - )
East West Symphonic Choirs (HKLM-x32\...\East West Symphonic Choirs) (Version:  - )
Edirol Hyper Canvas VSTi DXi 1.6.0 (HKLM-x32\...\Edirol Hyper Canvas VSTi DXi_is1) (Version:  - )
Electra2 full (HKLM\...\Tone2 Electra2 full_is1) (Version: 2.1.0 - Tone2)
ElectraX full (HKLM-x32\...\Tone2 ElectraX full_is1) (Version:  - Tone2)
Electronic EZmix pack (HKLM-x32\...\{6450F55E-EE0F-4203-A90D-D533EE3F88E4}) (Version: 1.0.0 - Toontrack)
Elevayta Extra Boy v4.91d VST (HKLM-x32\...\Elevayta Extra Boy v4.91d VST) (Version:  - )
Elevayta Space Boy v4.90d VST (HKLM-x32\...\Elevayta Space Boy v4.90d VST) (Version:  - )
E-License Manager (HKLM\...\{E605F95E-31D3-4C9B-A411-BC6A51F8EE48}) (Version: 1.3.0.0 - Magix) Hidden
E-License Manager (HKLM-x32\...\E-License Manager) (Version: 1.3.0.0 - Best Service)
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.1.1172 - Steinberg Media Technologies GmbH)
Engine 2 (HKLM\...\{188A7535-3E25-4AAA-8242-53CD57B60CB8}) (Version: 2.1.0.151 - Best Service) Hidden
Engine 2 (HKLM-x32\...\Engine 2) (Version: 2.1.0.151 - Best Service)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 1.2 - )
eReg (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
ERS Dim D Chorus (HKLM-x32\...\ERS Dim D Chorus 1.1.1) (Version: 1.1.1 - Empty Room Systems)
Eventide Ensemble Bundle (HKLM\...\Ensemble Bundle_is1) (Version: 1.1.4 - Eventide)
Eventide Ensemble Bundle (HKLM-x32\...\Eventide Ensemble Bundle) (Version: 1.0.7 - Eventide)
EWQL Hollywood Strings Gold (HKLM\...\{562F9930-8A79-46B4-878E-6BADB226D29C}) (Version: 1.0.0 - EastWest Sounds, Inc.)
EWQL Orchestra Free Content Part 2 (HKLM-x32\...\{09AD2A89-E21F-4179-891E-0AA797693D5A}) (Version: 1.0.0 - EastWest Sounds, Inc.) Hidden
EWQL Orchestra Free Content Part 3 (HKLM-x32\...\{DEDD0B17-69C8-487D-A1A0-7E28E1AD5605}) (Version: 1.0.0 - EastWest Sounds, Inc.) Hidden
EWQL Orchestra Free Edition (HKLM\...\{070C4AA9-049D-495E-90B4-A372D7D31D50}) (Version: 1.2.5 - EastWest Sounds, Inc.)
EWQL Symphonic Choirs Gold (HKLM\...\{3275F9AE-966D-4D5C-BA4F-7502C0404D35}) (Version: 1.0.0 - EastWest Sounds, Inc.)
Extreme Sample Converter 3.5.9 (HKLM-x32\...\Extreme Sample Converter_is1) (Version:  - )
EZdrummer 2 64-bit (HKLM\...\{B9217824-0EBE-49C7-98A0-A76CC46BBB7D}) (Version: 2.0.0 - Toontrack)
EZdrummer 2 64-bit Update (HKLM\...\{11CC8964-9CB0-46E6-9218-CD39ED4A554D}) (Version: 2.1.4 - Toontrack)
EZkeys Player 64-bit (HKLM\...\{35E5BAC5-47A5-449C-9244-C40659362DCF}) (Version: 1.0.1 - Toontrack)
EZmix 64-bit (HKLM\...\{3D08DB3C-A805-4DDE-861C-85944AA2BA05}) (Version: 2.1.1 - Toontrack)
EZXClaustrophobic (HKLM-x32\...\{8094F7AE-CA21-4AF2-A256-BC918CE0E796}) (Version: 1.0 - Toontrack)
EZXDfh (HKLM-x32\...\{DB1299AF-9EE0-422B-959E-F4171B2AE0F7}) (Version: 1.0 - Toontrack)
EZXElectronic (HKLM-x32\...\{238539DC-253F-401B-90F4-A928A98BC866}) (Version: 1.0.0 - Toontrack)
EZXFunkmasters (HKLM-x32\...\{BB5A44CB-3045-43E2-BEB0-B64E477D4633}) (Version: 1.0.0 - Toontrack)
EZXJazz (HKLM-x32\...\{EED8D44F-CEBB-4298-8D0E-E01AF6AC0663}) (Version: 1.0.0 - Toontrack)
EZXMetalHeads (HKLM-x32\...\{F4F365AB-BD66-4775-A36A-E3D8055873FD}) (Version: 1.0.0 - Toontrack)
EZXMetalMachine (HKLM-x32\...\{88A1D1DA-4327-4CAF-BA74-00D85D9353E8}) (Version: 1.0.0 - Toontrack)
EZXNashville (HKLM-x32\...\{82DF9225-13EC-41BD-BE31-AAB121B38166}) (Version: 1.0 - Toontrack)
EZXPop (HKLM-x32\...\{BAB8A154-19A1-4673-9E9D-CB5E08BFD28C}) (Version: 1.0.0 - Toontrack)
EZXTheClassic part1 (HKLM-x32\...\{C350D087-2ED2-40AB-BE41-75108D89D66C}) (Version: 1.0.0 - Toontrack)
EZXTheClassic part2 (HKLM-x32\...\{6F642D8C-FFC7-48D8-B4E5-77249FE56C7B}) (Version: 1.0.0 - Toontrack)
EZXVintage (HKLM-x32\...\{430399DC-98BC-4A7F-8F8E-77981CABAE05}) (Version: 1.0 - Toontrack)
FabFilter Pro-Q 2.03 (64-bit) (HKLM-x32\...\FabFilter Pro-Q 2.03 (64-bit)) (Version:  - )
FabFilter Total Bundle (64-bit) (HKLM-x32\...\FabFilter Total Bundle (64-bit)) (Version:  - )
FabFilter Total Bundle (HKLM\...\Total Bundle_is1) (Version: 2018.02.22 - FabFilter)
FilterBank (HKLM-x32\...\{4A9CB960-46DD-4DCE-8B71-755D33D6EC18}) (Version: 3.6.4 - McDSP) Hidden
FilterBank (HKLM-x32\...\{F46D6852-0C1D-48F3-AECB-A1F8D9979FF1}) (Version: 3.6.4 - McDSP)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version:  - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version:  - Image-Line)
FlowStone FL 3.0 (HKLM-x32\...\FlowStone) (Version:  - )
Focusrite Control 2.3.4 (HKLM\...\Focusrite Control_is1) (Version: 2.3.4 - Focusrite Audio Engineering Ltd.)
Focusrite Thunderbolt 4.25.0.335 (HKLM\...\Focusrite Thunderbolt_is1) (Version: 4.25.0.335 - Focusrite Audio Engineering Ltd.)
Focusrite USB 4.36.5.0 (HKLM\...\Focusrite USB_is1) (Version: 4.36.5.0 - Focusrite Audio Engineering Ltd.)
foobar2000 v1.3.7 (HKLM-x32\...\foobar2000) (Version: 1.3.7 - Peter Pawlowski)
Fre(a)koscope (HKLM-x32\...\Fre(a)koscope_is1) (Version: 0.8 beta - Mdsp @ Smartelectronix)
FXpansion BFD3 (HKLM-x32\...\FXpansion BFD3) (Version: 3.1.2.0 - FXpansion Audio UK Ltd)
Garritan Personal Orchestra (HKLM-x32\...\Garritan Personal Orchestra) (Version:  - )
GForce - Minimonsta (HKLM-x32\...\Minimonsta) (Version:  - )
GForce - Oddity (HKLM-x32\...\Oddity) (Version:  - )
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HD Tune Pro 4.60 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
HFSExplorer 0.21 (HKLM-x32\...\HFSExplorer) (Version: 0.21 - Catacombae Software)
HitmanPro 3.8 (HKLM\...\HitmanPro38) (Version: 3.8.0.295 - SurfRight B.V.)
HOFA IQ-DeEsser (HKLM\...\HOFA IQ-DeEsser_is1) (Version: 1.0.3 - Team V.R)
IK Multimedia Authorization Manager version 1.0.18 (HKLM\...\{85BC0DCB-69E5-4279-AA25-F108EF896588}_is1) (Version: 1.0.18 - IK Multimedia)
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version:  - Image-Line)
IL Shared Libraries (HKLM-x32\...\IL Shared Libraries) (Version:  - Image-Line)
Intel® C++ Redistributables on IA-32 (HKLM-x32\...\{317059CB-7642-4F2E-89C0-62E69D4074B7}) (Version: 15.0.148 - Intel Corporation)
Intel® C++ Redistributables on Intel® 64 (HKLM-x32\...\{2DD3C090-2986-4970-B3CB-87BB4C8AC4A5}) (Version: 15.0.148 - Intel Corporation)
Interlok driver setup x64 (HKLM\...\{25613C10-27D2-410B-942B-D922D5C3A7BE}) (Version: 5.8.13 - PACE Anti-Piracy)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
iZotope Alloy 2 (HKLM-x32\...\iZotope Alloy 2_is1) (Version: 2.01 - iZotope, Inc.)
iZotope Nectar (HKLM-x32\...\iZotope Nectar_is1) (Version: 1.14 - iZotope, Inc.)
iZotope Ozone 5 Advanced (HKLM-x32\...\iZotope Ozone 5 Advanced_is1) (Version: 5.05 - iZotope, Inc.)
iZotope pHATmatik PRO (HKLM-x32\...\iZotope pHATmatik PRO_is1) (Version: 1.50 - iZotope, Inc.)
iZotope RX 4 (HKLM-x32\...\iZotope RX 4_is1) (Version: 4.01 - iZotope, Inc.)
iZotope Stutter Edit (HKLM-x32\...\iZotope Stutter Edit_is1) (Version: 1.00 - iZotope, Inc.)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
JBridge (HKLM-x32\...\JBridge) (Version:  - JBridge)
Jupiter-8 V2 2.7.0 (HKLM-x32\...\Jupiter-8 V2_is1) (Version: 2.7.0 - Arturia)
Kontakt 5 NO INSTALL (HKLM\...\{4B3E0D95-3270-4B88-9EDE-A065680EF65C}_is1) (Version: 5.6.6.16 - Native Instruments)
KORG ARP ODYSSEY (HKLM\...\ARP ODYSSEY_is1) (Version: 1.0.0 - KORG)
KORG KONTROL Editor (HKLM-x32\...\{2994E3F1-B6A3-40FD-860E-A54363FC266C}) (Version: 1.50.0000 - KORG Inc.)
KORG Legacy Collection - LegacyCell (HKLM\...\{4F3D8320-002D-4A0E-A45B-38EAFB2494CA}) (Version: 1.3.0 - KORG Inc.)
KORG M1 (HKLM\...\M1_is1) (Version: 1.7.2 - KORG)
KORG MDE-X (HKLM\...\MDE-X_is1) (Version: 1.3.2 - KORG)
KORG USB-MIDI Driver Tools for Windows (HKLM-x32\...\{CACF2945-0BD5-43D3-B0CF-FA7D25DB2C1E}) (Version: 1.14.1202 - Korg Inc.)
KORG WAVESTATION (HKLM\...\WAVESTATION_is1) (Version: 1.7.2 - KORG)
KORG X50 Editor (HKLM-x32\...\{FC41140A-22CA-4309-B806-F70B0CA31A17}) (Version: 1.0.4 - KORG Inc.)
KORG X50 Plug-In Editor VST (HKLM-x32\...\{0BBE28FE-227A-4D34-A069-0EE3AC622850}) (Version: 1.0.4 - KORG Inc.)
LatencyMon 4.01 (HKLM\...\LatencyMon_is1) (Version:  - Resplendence Software Projects Sp.)
Line 6 Uninstaller (HKLM-x32\...\Line 6 Uninstaller) (Version:  - Line 6)
LinPlug SaxLab 2 (HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\LinPlug SaxLab 2) (Version:  - )
LiquidInstrumentVst 1.0 (HKLM-x32\...\{92E9E482-F45A-4C10-B3B0-06C785826E74}) (Version: 1.00.0300 - ueberschall sample service GmbH) Hidden
LiquidInstrumentVst 1.5 (HKLM-x32\...\{A2453C21-B185-437A-933D-EAFC19D0E2D2}) (Version: 1.50.0102 - ueberschall sample service GmbH)
Logitech Options (HKLM\...\LogiOptions) (Version: 6.90.135 - Logitech)
Logitech Unifying Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech)
LUXONIX Purity (HKLM-x32\...\LUXONIX_Purity) (Version: 1.2.5 - LUXONIX)
MachFive (HKLM-x32\...\MachFive v.1.2 Update) (Version:  - )
Malwarebytes version 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
ManyBass 1.0 (HKLM-x32\...\ManyBass 1.0_is1) (Version:  - )
Mark Needham EZmix pack (HKLM-x32\...\{F3EB1DC3-4211-49E3-B6E0-C98CA3E171F9}) (Version: 1.0.0 - Toontrack)
Massey VST Demos (Remove only) (HKLM-x32\...\Massey VST Demos) (Version:  - )
MC2000 (HKLM-x32\...\{54C394A1-797D-489A-A580-EC237E668396}) (Version: 2.6.4 - McDSP)
MC2000 (HKLM-x32\...\{A8D19261-B258-43B5-AC0B-843D507A607D}) (Version: 2.6.4 - McDSP) Hidden
MeldaProduction Audio Plugins 12 (HKLM-x32\...\MeldaProduction Audio Plugins 12) (Version:  - MeldaProduction)
Melodyne 3.2 (HKLM-x32\...\{2E337869-756A-4E46-A936-0E67FE043A5E}) (Version: 3.2.0202 - Celemony Software GmbH) Hidden
Melodyne 3.2 (HKLM-x32\...\{A1F143D1-1F0D-44FB-A44B-71D4367D16DE}) (Version: 3.2.0202 - Celemony Software GmbH)
Melodyne Runtime 4.1 (x64) (HKLM\...\{53EE2829-E9DB-4913-B3EA-96F10F84E98B}) (Version: 1.0.1 - Celemony Software GmbH)
Metal EZmix pack (HKLM-x32\...\{B232052F-1339-42DB-85A6-178CAA8E73A7}) (Version: 1.0.0 - Toontrack)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-0409-0000-0000000FF1CE}) (Version: 12.0.6219.1000 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{9bd48a22-fe5a-457c-8f10-da6c2be89eee}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25017 (HKLM-x32\...\{e52a6842-b0ac-476e-b48f-378a97a67346}) (Version: 14.10.25017.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25017 (HKLM-x32\...\{f325f05b-f963-4640-a43b-c8a494cdda0f}) (Version: 14.10.25017.0 - Microsoft Corporation)
MIDI Control Center 1.1.0 (HKLM-x32\...\MIDI Control Center_is1) (Version: 1.1.0 - Arturia)
Midi Quest XL 10 x64 (HKLM\...\Midi Quest XL x64_is1) (Version:  - )
Mildon Studios HUE-X VST v2.0 (HKLM-x32\...\Mildon Studios HUE-X VST v2.0_is1) (Version:  - )
Miroslav Philharmonik (HKLM-x32\...\{BA0D0121-A3BA-487D-9C78-7AB0E676C722}) (Version: 1.0.0 - IK Multimedia)
Miroslav Philharmonik Instruments (HKLM-x32\...\{9FCCC8D1-3152-4699-8793-6CB0B9E26EBB}) (Version: 1.0 - IK Multimedia)
MJUC version 1.0.2 (HKLM\...\MJUC_is1) (Version: 1.0.2 - )
Modern PopRock EZmix pack (HKLM-x32\...\{25ED7F32-828A-4875-9757-95D34A87181B}) (Version: 1.0.0 - Toontrack)
MODO BASS version 1.0.2 (HKLM\...\{C882B130-90DD-4F00-9D6B-2F58D923E92B}_is1) (Version: 1.0.2 - IK Multimedia)
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 61.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 61.0.1 (x64 en-US)) (Version: 61.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
M-Tron Pro (HKLM-x32\...\{EEE8DED0-8DCF-492A-865D-C20964420BE5}) (Version: 1.0.0.35 - GForce Software, Ltd.)
MusicLab RealGuitar 5 (HKLM\...\RealGuitar 5_is1) (Version: 5.0.0.7353 - MusicLab)
MusicLab RealStrat (32-bit) (HKLM-x32\...\{F16B6849-2CA2-468A-BCDA-380837095A13}) (Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (64-bit) (HKLM\...\{3AC252AE-6034-44CE-A682-C94687BD2A6A}) (Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab RealStrat (HKLM-x32\...\{87d50511-cb30-4e5d-99b4-763b91649a0b}) (Version: 3.1.0.7127 - MusicLab, Inc.)
MusicLab RealStrat Sound Bank (HKLM-x32\...\{AB14929E-8CC5-420F-8702-4B49C977EBE8}) (Version: 3.1.0.7127 - MusicLab, Inc.) Hidden
MusicLab Virtual Midi Driver (64-bit) (HKLM\...\{2B019162-86C7-4D14-AED0-2CB5110BA4FF}) (Version: 2.0.2.0 - MusicLab, Inc.)
N.I Pro-53 v3.0-OxYGeN (HKLM-x32\...\N.I Pro-53 v3.0-OxYGeN) (Version:  - )
Native Instruments Abbey Road 60s Drums (HKLM-x32\...\Native Instruments Abbey Road 60s Drums) (Version:  - Native Instruments)
Native Instruments Abbey Road 80s Drums (HKLM-x32\...\Native Instruments Abbey Road 80s Drums) (Version:  - Native Instruments)
Native Instruments Abbey Road Modern Drums (HKLM-x32\...\Native Instruments Abbey Road Modern Drums) (Version:  - Native Instruments)
Native Instruments Absynth 5 (HKLM-x32\...\Native Instruments Absynth 5) (Version:  - Native Instruments)
Native Instruments Acoustic Refractions (HKLM-x32\...\Native Instruments Acoustic Refractions) (Version:  - Native Instruments)
Native Instruments Battery 3 (HKLM-x32\...\Native Instruments Battery 3) (Version:  - Native Instruments)
Native Instruments Battery 4 (HKLM-x32\...\Native Instruments Battery 4) (Version: 4.1.2.2354 - Native Instruments)
Native Instruments Berlin Concert Grand (HKLM-x32\...\Native Instruments Berlin Concert Grand) (Version:  - Native Instruments)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.7.0.150 - Native Instruments)
Native Instruments DrumMicA (HKLM-x32\...\Native Instruments DrumMicA) (Version:  - Native Instruments)
Native Instruments Enhanced EQ (HKLM-x32\...\Native Instruments Enhanced EQ) (Version:  - Native Instruments)
Native Instruments FM8 (HKLM-x32\...\Native Instruments FM8) (Version:  - Native Instruments)
Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version:  - Native Instruments)
Native Instruments Guitar Rig 5 (HKLM-x32\...\Native Instruments Guitar Rig 5) (Version: 5.2.2.8 - Native Instruments)
Native Instruments Komplete 7 (HKLM-x32\...\Native Instruments Komplete 7) (Version:  - Native Instruments)
Native Instruments Komplete Kontrol (HKLM-x32\...\Native Instruments Komplete Kontrol) (Version: 1.9.3.102 - Native Instruments)
Native Instruments Komplete Kontrol Driver (HKLM-x32\...\Native Instruments Komplete Kontrol Driver) (Version:  - Native Instruments)
Native Instruments Kore Player (HKLM-x32\...\Native Instruments Kore Player) (Version:  - Native Instruments)
Native Instruments Maschine (HKLM-x32\...\Native Instruments Maschine) (Version:  - Native Instruments)
Native Instruments Massive (HKLM-x32\...\Native Instruments Massive) (Version:  - Native Instruments)
Native Instruments Monark (HKLM-x32\...\Native Instruments Monark) (Version:  - Native Instruments)
Native Instruments New York Concert Grand (HKLM-x32\...\Native Instruments New York Concert Grand) (Version:  - Native Instruments)
Native Instruments NIHostIntegrationAgent (HKLM-x32\...\Native Instruments NIHostIntegrationAgent) (Version: 1.5.0.138 - Native Instruments)
Native Instruments Passive EQ (HKLM-x32\...\Native Instruments Passive EQ) (Version:  - Native Instruments)
Native Instruments Rammfire (HKLM-x32\...\Native Instruments Rammfire) (Version:  - Native Instruments)
Native Instruments RC 24 (HKLM-x32\...\Native Instruments RC 24) (Version: 1.0.0.312 - Native Instruments)
Native Instruments RC 48 (HKLM-x32\...\Native Instruments RC 48) (Version: 1.0.0.312 - Native Instruments)
Native Instruments Reaktor 5 (HKLM-x32\...\Native Instruments Reaktor 5) (Version: 5.9.0.725 - Native Instruments)
Native Instruments Reaktor Prism (HKLM-x32\...\Native Instruments Reaktor Prism) (Version:  - Native Instruments)
Native Instruments Reaktor Spark R2 (HKLM-x32\...\Native Instruments Reaktor Spark R2) (Version:  - Native Instruments)
Native Instruments Reflektor (HKLM-x32\...\Native Instruments Reflektor) (Version:  - Native Instruments)
Native Instruments Replika XT (HKLM-x32\...\Native Instruments Replika XT) (Version: 1.0.3.50 - Native Instruments)
Native Instruments Scarbee A-200 (HKLM-x32\...\Native Instruments Scarbee A-200) (Version:  - Native Instruments)
Native Instruments Scarbee Clavinet Pianet (HKLM-x32\...\Native Instruments Scarbee Clavinet Pianet) (Version:  - Native Instruments)
Native Instruments Scarbee Funk Guitarist (HKLM-x32\...\Native Instruments Scarbee Funk Guitarist) (Version:  - Native Instruments)
Native Instruments Scarbee Mark I (HKLM-x32\...\Native Instruments Scarbee Mark I) (Version:  - Native Instruments)
Native Instruments Scarbee MM-Bass (HKLM-x32\...\Native Instruments Scarbee MM-Bass) (Version:  - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.4.4.1428 - Native Instruments)
Native Instruments Studio Drummer (HKLM-x32\...\Native Instruments Studio Drummer) (Version:  - Native Instruments)
Native Instruments Supercharger GT (HKLM-x32\...\Native Instruments Supercharger GT) (Version: 1.1.3.450 - Native Instruments)
Native Instruments The Finger R2 (HKLM-x32\...\Native Instruments The Finger R2) (Version:  - Native Instruments)
Native Instruments The Giant (HKLM-x32\...\Native Instruments The Giant) (Version:  - Native Instruments)
Native Instruments Traktors 12 (HKLM-x32\...\Native Instruments Traktors 12) (Version:  - Native Instruments)
Native Instruments Transient Master FX (HKLM-x32\...\Native Instruments Transient Master FX) (Version:  - Native Instruments)
Native Instruments Upright Piano (HKLM-x32\...\Native Instruments Upright Piano) (Version:  - Native Instruments)
Native Instruments VC 160 FX (HKLM-x32\...\Native Instruments VC 160 FX) (Version:  - Native Instruments)
Native Instruments Vienna Concert Grand (HKLM-x32\...\Native Instruments Vienna Concert Grand) (Version:  - Native Instruments)
Native Instruments Vintage Organs (HKLM-x32\...\Native Instruments Vintage Organs) (Version:  - Native Instruments)
Naughty Seal Audio Perfect Drums (HKLM\...\Perfect Drums_is1) (Version: 1.5.0 - Naughty Seal Audio)
Nepheton 1.6.2 (64bit) (HKLM\...\{207DAD3E-856E-4892-BEFA-87FB040E20FB}) (Version: 1.6.2.0 - D16 Group Audio Software)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
One Man Band v10.0 (HKLM-x32\...\ST5UNST #1) (Version:  - )
PACE License Support Win64 (HKLM\...\{5DDD3EE1-4AE8-4263-8B1A-9BF6E8B3FEF0}) (Version: 4.0.0.1981 - PACE Anti-Piracy, Inc.) Hidden
PACE License Support Win64 (HKLM-x32\...\InstallShield_{72ad9d51-0903-4fe7-af5d-33b3185fa6e9}) (Version: 2.4.7.0852 - PACE Anti-Piracy, Inc.)
Patch Avid Pro Tools 10.3.4 To Audioz (HKLM-x32\...\Patch Avid Pro Tools 10.3.4 To Audioz) (Version:  - )
PCIe to Peripheral Adaptor (HKLM\...\ASIX Electronics Corporation) (Version:  - )
PCM Native Reverb Bundle (HKLM-x32\...\{294B9A61-B4D6-4EDB-91BF-354619C43FE2}) (Version: 1.1.3 - Lexicon) Hidden
PCM Native Reverb Bundle (HKLM-x32\...\PCM Native Reverb Bundle) (Version:  - Lexicon)
PG Music DirectX Plugins 2.0.0.0 (HKLM-x32\...\PG_DX_Plugins_is1) (Version:  - PG Music Inc.)
Phase Motion version 1.2.5 (HKLM\...\{01D5CB68-4986-4C05-ADE1-9405D46EA479}_is1) (Version: 1.2.5 - AudioThing)
Pi version 1.0.7 (HKLM\...\{CFA5721A-9AA1-4D77-BBC2-78E40216FDAB}_is1) (Version: 1.0.7 - Sound Radix)
Pianissimo (HKLM-x32\...\Pianissimo) (Version:  - Acoustica)
Pianoteq 3.5 Trial (HKLM-x32\...\Pianoteq35 Trial) (Version:  - )
PLAY 5.0.1 (HKLM-x32\...\EW PLAY_is1) (Version: 5.0.1 - EastWest Sounds, Inc.)
Play Update 4.2.2 (HKLM\...\{D5A16FC4-9409-4289-921B-E79FBC5E17DB}) (Version: 4.2.2 - EastWest Sounds, Inc)
Plogue sforzando v1.916 (HKLM\...\__ARIA_1014___is1) (Version: v1.916 - Plogue)
Plug and Mix V.I.P. bundle 3.0.3 (Repack) (HKLM\...\Plug and Mix V.I.P. bundle_is1) (Version:  - )
Pluggo Runtime 3.6.1 (HKLM-x32\...\{D1DB1160-769F-461C-9727-34202D9B5FBF}) (Version: 3.6.1004 - Cycling '74)
PreSonus FaderPort (HKLM\...\PreSonus FaderPort Driver Installer_is1) (Version: 1.0 - PreSonus Audio Electronics)
PreSonus FaderPort (HKLM-x32\...\PreSonus FaderPort_is1) (Version:  - PreSonus Audio Electronics, Inc.)
PreSonus Studio One 2 x64 (HKLM\...\PreSonus Studio One 2) (Version: 2.0.1.16909 - PreSonus Audio Electronics)
ProAudioDSP Dynamic Spectrum Mapper VST RTAS v1.3.2 (HKLM-x32\...\ProAudioDSP Dynamic Spectrum Mapper VST RTAS_is1) (Version:  - )
Prophet-V2 2.0 (HKLM-x32\...\Prophet-V2_is1) (Version:  - Arturia)
Proteus 8 Demonstration (HKLM-x32\...\{A5FA1F05-A42E-4EFC-AE12-CD7E70E8B5EB}) (Version: 8.2.18428.0 - Labcenter Electronics)
PSP FETpressor (HKLM-x32\...\PSP FETpressor) (Version: 1.0.0 - PSPaudioware.com)
PSP VintageWarmer 2.0.0 (HKLM-x32\...\PSP VintageWarmer 2.0.0) (Version: 2.0.0 - PSPaudioware.com)
PSP Xenon (HKLM-x32\...\PSP Xenon) (Version: 1.5.1 - PSPaudioware.com)
Python 3.4.0 (64-bit) (HKLM\...\{863162a8-ecc2-35ea-bdf7-e09ac456e164}) (Version: 3.4.150 - Python Software Foundation)
Python 3.4.3 (64-bit) (HKLM\...\{9529565f-e693-3f11-b3bf-8cd545f5f9a0}) (Version: 3.4.3150 - Python Software Foundation)
Python 3.6.0 (32-bit) (HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\{8ba65a8c-cb48-4716-bc24-47c148808015}) (Version: 3.6.150.0 - Python Software Foundation)
Python 3.6.0 Add to Path (32-bit) (HKLM-x32\...\{D4C8360E-C73A-46B9-AF8E-672684048BF0}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Core Interpreter (32-bit debug) (HKLM-x32\...\{D4914CF0-AE41-409E-83CE-2ADD6CB0129B}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Core Interpreter (32-bit symbols) (HKLM-x32\...\{499E6B9C-7715-4565-8317-FF7AAF36C7D9}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Core Interpreter (32-bit) (HKLM-x32\...\{FC638B75-E969-4496-A546-9D78EA7D8F35}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Development Libraries (32-bit debug) (HKLM-x32\...\{7A737E43-C039-4D6E-AA16-6957461D3FBF}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Development Libraries (32-bit) (HKLM-x32\...\{F2A430F2-A7AC-4B46-808A-FC6E8419ABDE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Documentation (32-bit) (HKLM-x32\...\{A66771E3-430A-40A7-B00C-94A239396BEE}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (32-bit debug) (HKLM-x32\...\{F8AB382D-F864-457C-9790-C978BE66322C}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (32-bit symbols) (HKLM-x32\...\{CB6428B3-7732-48D4-BC63-FEF62512D907}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Executables (32-bit) (HKLM-x32\...\{3C182441-3C75-4113-A28D-D3AEAD85B320}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 pip Bootstrap (32-bit) (HKLM-x32\...\{1D427483-31FE-4ED4-AD39-AB78BBF7D22D}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (32-bit debug) (HKLM-x32\...\{3C9A7A05-BC25-43C3-B38D-677198058838}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (32-bit symbols) (HKLM-x32\...\{09751D22-1DF2-43E4-98E5-12010BA478C2}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Standard Library (32-bit) (HKLM-x32\...\{4CB36E4F-EC00-479B-AA25-0B9EC5385B0C}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (32-bit debug) (HKLM-x32\...\{6C0B3158-0125-4EE8-9405-7B0A66B2784E}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (32-bit symbols) (HKLM-x32\...\{C226C6C7-5EC1-441F-A659-C86F3629FF14}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Tcl/Tk Support (32-bit) (HKLM-x32\...\{C7D63030-7738-499A-A0D2-8549174D2B70}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (32-bit debug) (HKLM-x32\...\{50FAC770-C868-4DD9-8C59-BC0468270EF9}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (32-bit symbols) (HKLM-x32\...\{EBB76201-FB65-4EE3-ACFB-E7285E859F20}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Test Suite (32-bit) (HKLM-x32\...\{6EAD5F85-97EC-4AFB-84D2-D52AC41D3C66}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
Python 3.6.0 Utility Scripts (32-bit) (HKLM-x32\...\{7C3DAC9E-E229-415C-A600-5974B5D9DE7F}) (Version: 3.6.150.0 - Python Software Foundation) Hidden
qBittorrent 3.1.12 (HKLM-x32\...\qBittorrent) (Version: 3.1.12 - The qBittorrent project)
QL Gypsy (HKLM\...\{BD917926-1F69-4BED-9410-65E737A76DAD}) (Version: 1.0.0 - EastWest Sounds, Inc.)
QL Ministry of Rock (HKLM\...\{2FF830A1-CD7A-4E76-81DA-5F7BBE21EFF3}) (Version: 1.0.0 - EastWest Sounds, Inc.)
QL Ministry of Rock 2 (HKLM\...\{729C6826-1BE3-4A1F-8F26-BDCBA838C640}) (Version: 1.0.0 - EastWest Sounds, Inc.)
QL Pianos Gold (HKLM\...\{8DEAB3E6-1137-4EAA-8593-1E490FC13BE5}) (Version: 1.0.0 - EastWest Sounds, Inc.)
QL Solo Violin (HKLM\...\{EF6A1F9F-485B-4866-9D8B-D85A9E5C401B}) (Version: 1.0.0 - EastWest Sounds, Inc.)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Reaktor 6 NO INSTALL (HKLM\...\{151D1547-2FCD-41A6-B6DC-01A4B122FA6A}_is1) (Version: 6.1.1.35 - Native Instruments)
REAPER (x64) (HKLM\...\REAPER) (Version:  - )
Reason 5.0.1 (HKLM-x32\...\Reason5_is1) (Version: 5.0.1 - Propellerhead Software AB)
Rebeat (HKLM-x32\...\Rebeat_is1) (Version: 1.313.1 - Rebeat)
Reference 3 VST plugin (64-bit) 3 (HKLM\...\{D3E4F1C1-FAE1-4148-A8C0-6C8F01C1290B}) (Version: 3.4.1 - Sonarworks)
Reference 4 AAX plugin for ProTools 10 (HKLM-x32\...\{1515D06B-F9D4-4065-8A48-84E4263081CB}) (Version: 4.0.85 - Sonarworks)
Reference 4 AAX plugin for ProTools 11/12 (HKLM\...\{C91F2185-E922-4C45-9CDC-BD7073827481}) (Version: 4.0.85 - Sonarworks)
Reference 4 RTAS plugin (HKLM-x32\...\{E32E4290-9A5B-47E9-B599-3A14D3120E03}) (Version: 4.0.85 - Sonarworks)
Reference 4 VST plugin (32-bit) (HKLM-x32\...\{AAE399B2-B8ED-4D4A-A615-8B0A9FDF0BFE}) (Version: 4.0.85 - Sonarworks)
Reference 4 VST plugin (64-bit) (HKLM\...\{0079AB1F-1EEC-450F-A9A1-465BDF24273C}) (Version: 4.0.85 - Sonarworks)
reFX Nexus VSTi RTAS v2.2.0 (HKLM-x32\...\reFX Nexus_is1) (Version:  - )
Relab LX480 Lite VST v1.0 (HKLM-x32\...\Relab LX480 Lite_is1) (Version:  - )
Revoice Pro (64 bit) (HKLM\...\{81C96B40-80D0-42E4-9D8C-392837C0990C}) (Version: 2.2.0.18 - Synchro Arts Ltd)
ReWire (HKLM\...\{4481A621-E317-411C-8926-864AACDF509B}) (Version: 1.00.0000 - Waves)
ReWire 64/32 Bridge (HKLM\...\ReWire6432Bridge) (Version: 1.3.0.1 - ALIPAPA)
Rgc Audio Sfz Plus VSTi DXi v1.1 (HKLM-x32\...\Rgc Audio Sfz Plus VSTi DXi v1.1) (Version:  - )
rgc:audio z3ta+ 1.5 (x64) (HKLM\...\z3ta+_x64_is1) (Version: 1.5 - Cakewalk Music Software)
Rob Papen Blade (HKLM-x32\...\Rob Papen Blade) (Version: 1.0.3 - Rob Papen)
Rob Papen Blue2 (HKLM-x32\...\Rob Papen Blue2) (Version: 1.0.2 - Rob Papen)
Rob Papen Predator (HKLM-x32\...\Rob Papen Predator) (Version: 1.6.5a - Rob Papen)
Rob Papen Predator2 (HKLM\...\Predator2_is1) (Version: 1.0.2 - Rob Papen)
Rob Papen Punch-BD (HKLM-x32\...\Rob Papen Punch-BD) (Version: 1.0.0c - Rob Papen)
Rob Papen RAW (HKLM-x32\...\Rob Papen RAW) (Version: 1.0.3 - Rob Papen)
Rob Papen RG (HKLM-x32\...\Rob Papen RG) (Version: 1.6.2 - Rob Papen)
Rock EZmix pack (HKLM-x32\...\{038B2DB1-2B9C-45C6-A55F-17B60D80C9D2}) (Version: 1.0.0 - Toontrack)
Roland VS Concerto (HKLM\...\Concerto_is1) (Version: 3.3.0 - Roland VS)
Roland VS D-50 (HKLM\...\D-50_is1) (Version: 1.0.1 - Roland VS)
Roland VS JV-1080 (HKLM\...\JV-1080_is1) (Version: 1.0.1 - Roland VS)
Room EQ Wizard 5.18 (HKLM-x32\...\4549-9647-2313-4375) (Version: 5.18 - John Mulcahy)
Room EQ Wizard V5 (HKLM-x32\...\RoomEQWizardV5) (Version:  - John Mulcahy)
Russian Phonetic Student - WinRus.com (HKLM\...\{7AE27077-F326-46AA-9CB2-DF595D56C8FA}) (Version: 1.0.3.40 - Paul Gorodyansky)
SampleTank 2.5 (HKLM-x32\...\{6559654F-2F38-491F-8411-211517C3E635}) (Version: 2.5.0 - IK Multimedia)
SampleTank 3 version 3.0.1 (HKLM\...\{4A5CE684-33A5-4EE6-AB22-4B92D92D37D8}_is1) (Version: 3.0.1 - IK Multimedia)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.0 - Samsung)
Sasquatch Kick Machine version 1.1.4 (HKLM\...\Sasquatch Kick Machine_is1) (Version: 1.1.4 - )
Schaack Audio Technologies Transient Shaper VST v2.04 (HKLM-x32\...\Schaack Audio Technologies Transient Shaper VST v2.04_is1) (Version:  - )
SketchUp 8 (HKLM-x32\...\{779D8CA1-03DD-4AD4-B21F-3E20BFE7BEDE}) (Version: 3.0.15158 - Trimble Navigation Limited)
Snapshot (HKLM-x32\...\Snapshot_is1) (Version: 2.0 - Non-Lethal Applications)
Softube Acoustic Feedback VST RTAS v1.0.7 (HKLM-x32\...\Softube Acoustic Feedback VST RTAS_is1) (Version:  - )
Softube Bass Amp Room VST RTAS v1.0.2 (HKLM-x32\...\Softube Bass Amp Room VST RTAS_is1) (Version:  - )
Softube FET Compressor VST RTAS v1.0.3 (HKLM-x32\...\Softube FET Compressor VST RTAS_is1) (Version:  - )
Softube Passive-Active Pack VST RTAS v1.0.2 (HKLM-x32\...\Softube Passive-Active Pack VST RTAS_is1) (Version:  - )
Softube Spring Reverb VST RTAS v1.0.4 (HKLM-x32\...\Softube Spring Reverb VST RTAS_is1) (Version:  - )
Softube Tube Delay VST RTAS v1.0.5 (HKLM-x32\...\Softube Tube Delay VST RTAS_is1) (Version:  - )
Softube Tube-Tech CL 1B VST RTAS v1.0.3 (HKLM-x32\...\Softube Tube-Tech CL 1B VST RTAS_is1) (Version:  - )
Softube Vintage Amp Room VST RTAS v1.0.8 (HKLM-x32\...\Softube Vintage Amp Room VST RTAS_is1) (Version:  - )
Sonalksis Plug-Ins for Windows 2.00 (HKLM-x32\...\Sonalksis Plug-Ins for Windows_is1) (Version:  - Sonalksis)
Sonarworks Reference 3 (HKLM-x32\...\{702AFD1D-D9D5-406C-8EB9-5364970BA39F}) (Version: 3.4.1 - Sonarworks)
Sonarworks Reference 4 Systemwide (HKLM\...\{97E6369C-0FC1-4833-8021-4D8FE2791A0D}) (Version: 4.0.85 - Sonarworks)
Sonarworks Reference SW (HKLM\...\Sonarworks Reference SystemWide_is1) (Version: 3.2 - Team V.R)
Songwriters Pack 2 (HKLM-x32\...\{F998C7C3-4D73-434E-AE57-CBD2EAE0A773}) (Version: 1.0.0 - Toontrack)
Songwriters Pack 3 (HKLM-x32\...\{79FE9434-81F4-4690-83D0-E0E1722EB7EA}) (Version: 1.0.0 - Toontrack)
Songwriters Tools EZmix pack (HKLM-x32\...\{999E5356-F60D-4AF1-9003-1F6863E2D5AE}) (Version: 1.0.0 - Toontrack)
Sonic Visualiser (HKLM-x32\...\{49ECD2A3-7B85-4DCB-A900-44D64F5C5687}) (Version: 2.3.0 - Queen Mary, University of London)
Sonik Synth 2 (HKLM-x32\...\Sonik Synth 2) (Version:  - )
SONiVOX Big Bang Universal Drums 2 (HKLM-x32\...\SONiVOX Big Bang Universal Drums 2) (Version: 2.3 - SONiVOX)
SONiVOX DVI Afro-Cuban Percussion (HKLM-x32\...\SONiVOX 2.1 DVI Afro-Cuban Percussion_is1) (Version:  - )
SONiVOX DVI Banjo (HKLM-x32\...\SONiVOX 2.0 DVI Banjo_is1) (Version:  - )
SONiVOX DVI Fender Stratocaster (HKLM-x32\...\SONiVOX 2.0 DVI Fender Stratocaster_is1) (Version:  - )
SONiVOX DVI Les Paul (HKLM-x32\...\SONiVOX 2.0 DVI Les Paul_is1) (Version:  - )
SONiVOX DVI Martin Acoustic Guitar (HKLM-x32\...\SONiVOX 2.0 DVI Martin Acoustic Guitar_is1) (Version:  - )
SONiVOX DVI Taylor Acoustic Guitar (HKLM-x32\...\SONiVOX 2.0 DVI Taylor Acoustic Guitar_is1) (Version:  - )
SONiVOX Tony Coleman Drums (HKLM-x32\...\SONiVOX Tony Coleman Drums) (Version: 1.0 - SONiVOX)
Sonnoxplugins Oxford Elite Collection Native v1.0 (HKLM-x32\...\Sonnoxplugins Oxford Elite Collection Native_is1) (Version:  - )
Sonnoxplugins Oxford Restore Suite Native v1.0 (HKLM-x32\...\Sonnoxplugins Oxford Restore Suite Native_is1) (Version:  - )
Sony CD Architect 5.2 (HKLM-x32\...\{84C7A433-CED3-4410-9D69-0BF5486B9631}) (Version: 5.2.214 - Sony)
Sony Vocal Eraser (HKLM-x32\...\Sony Vocal Eraser_is1) (Version: 1.00 - iZotope, Inc.)
SoundToys Native Effects V4 (HKLM-x32\...\SoundToys Native Effects V4_is1) (Version:  - SoundToys Inc)
SoundToys Native Effects VST RTAS v4.0.2 (HKLM-x32\...\SoundToys Native Effects VST RTAS_is1) (Version:  - )
SpectraLayers Pro 1.0 (HKLM-x32\...\SpectraLayers Pro 1.0) (Version: 1.0 - Sony)
Speedsoft VSampler 3 (HKLM-x32\...\Speedsoft VSampler 3) (Version:  - )
Spire version 1.1.9 (HKLM-x32\...\{149CBB8A-19FE-4574-99BE-657926BBE08B}_is1) (Version: 1.1.9 - Reveal Sound)
SPL Analog Code Bundle v1.1 (HKLM-x32\...\SPL Analog Code Bundle_is1) (Version:  - )
SPL Analog Code EQ Rangers Volume One VST RTAS v1.1 (HKLM-x32\...\SPL Analog Code EQ Rangers Volume One VST RTAS_is1) (Version:  - )
SPL Analog Code MicroPlugs VST RTAS v1.1 (HKLM-x32\...\SPL Analog Code MicroPlugs VST RTAS_is1) (Version:  - )
SPL Analog Code Transient Designer VST RTAS v1.1 (HKLM-x32\...\SPL Analog Code Transient Designer VST RTAS_is1) (Version:  - )
SPL Analog Code TwinTube Processor VST RTAS v1.1 (HKLM-x32\...\SPL Analog Code TwinTube Processor VST RTAS_is1) (Version:  - )
SPL Analog Code Vitalizer MK2-T VST RTAS v1.1 (HKLM-x32\...\SPL Analog Code Vitalizer MK2-T VST RTAS_is1) (Version:  - )
SSL Duende Native (32-bit) v3.6.6 (HKLM-x32\...\SSL Duende Native_is1) (Version: 3.6.6 - Team V.R)
Steinberg CMC Applications (HKLM\...\{D505FFE8-2BCD-476B-88D8-E23F97DAB6FA}) (Version: 1.1.3 - Yamaha Corporation) Hidden
Steinberg CMC Applications (HKLM-x32\...\InstallShield_{D505FFE8-2BCD-476B-88D8-E23F97DAB6FA}) (Version: 1.1.3 - Yamaha Corporation)
Steinberg Content Updater (HKLM-x32\...\{23BAFE62-0AF0-4D71-98C2-47286139DC45}) (Version: 4.0.0 - Steinberg Media Technologies GmbH)
Steinberg Cubase 8 64bit (HKLM\...\{C806BE81-01DE-4EFA-33AC-34635B3EAB4A}) (Version: 8.0.40 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg EDM Toolbox MIDI Loops (HKLM-x32\...\{8C9B2EA8-9A30-4347-95E9-10E919C4F32E}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg eLicenser Antitrial (HKLM\...\eLicenser Antitrial_is1) (Version: 1.16.1.3 - Steinberg & Team V.R)
Steinberg Generic Lower Latency ASIO Driver 64bit (HKLM\...\{16D5A798-10BE-4FF3-BB71-54C012CD0D7D}) (Version: 1.0.11 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Allen Morgan Signature Drums (HKLM-x32\...\{611A7035-0172-4B9B-8BB6-5046F6867D8A}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Rock Pop Toolbox Drums (HKLM-x32\...\{E9BFA009-DD72-4F2A-84CB-6DF46472B563}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg HALion 6 (HKLM\...\{B4A47381-CC40-4EAD-BE05-143396A70B34}) (Version: 6.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALion 6 Content (HKLM-x32\...\{E6049779-021E-40FD-8C4C-C2A21F9417B5}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Hidden
Steinberg HALion Content (HKLM-x32\...\{7FAD0A52-EAA8-4197-BC9D-30E08EC879A5}) (Version: 4.6.3 - Steinberg Media Technologies GmbH)
Steinberg HALion Content Registration (HKLM-x32\...\{D3BC09D3-55D7-424D-9B7B-5CAF1C6113FD}) (Version: 1.0.0 - Steinberg Media Technologies GmbH) Hidden
Steinberg HALion Library Manager (HKLM\...\{55B14661-3F86-4974-9097-D7508EC63D97}) (Version: 3.0.16 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic 2 Content (HKLM-x32\...\{C50D4628-6064-443C-B154-5A5B780874C2}) (Version: 2.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic 3 (HKLM\...\{7AA3E2A4-8568-41B0-BAB6-13CDB5047DE6}) (Version: 3.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE (HKLM-x32\...\{EF7800A8-575E-4776-95A5-A9D904A85D5F}) (Version: 1.5.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content (HKLM-x32\...\{A5051ABF-A497-4C3C-85EA-F7A4D5C19B82}) (Version: 2.0.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne (HKLM-x32\...\{E70E7159-93B1-470D-9FBD-D8E9EF34B538}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne 64bit (HKLM\...\{743C5D75-6BC8-4881-BF7D-E7DF29F155F4}) (Version: 1.1.0.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Additional Content Set 01 (HKLM-x32\...\{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}) (Version: 1.0.0.001 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Expression Set (HKLM-x32\...\{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}) (Version: 1.0.1.0 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Drum Set (HKLM-x32\...\{AC997F93-0757-4ED4-A701-F40C2D654D09}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne GM Set (HKLM-x32\...\{F057965A-D974-4C64-ADB1-4381CD4B8956}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Pro Set (HKLM-x32\...\{D82CDA0D-C182-42C8-8FF2-5649C98D6003}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Drum Set (HKLM-x32\...\{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg HALionOne Studio Set (HKLM-x32\...\{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}) (Version: 1.0.1.457 - Steinberg Media Technologies GmbH)
Steinberg Hypersonic VSTi DXi v2.0 (HKLM-x32\...\Steinberg Hypersonic VSTi DXi_is1) (Version:  - )
Steinberg LM-4 VSTi v1.1 (HKLM-x32\...\Steinberg LM-4 VSTi v1.1) (Version:  - )
Steinberg LoopMash Content (HKLM-x32\...\{4D454CF8-12FD-464D-B57B-B46FE27B78BB}) (Version: 2.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg LoopMash Content 2 (HKLM-x32\...\{88C337F0-4CF2-4098-BDC0-D94859ECA2B4}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop (HKLM-x32\...\{DC0A50F1-AD2A-4B8C-BD9E-C047B3D8F9E5}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Padshop 64bit (HKLM\...\{75F15019-C0C2-4047-AA45-97B4BD313719}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue (HKLM-x32\...\{0EB4D2B3-9410-4FB7-AD46-C48CE45B9498}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg Retrologue 64bit (HKLM\...\{4D65ECE6-131D-4B5F-8470-2750D3161619}) (Version: 1.1.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg SKI Remote 64bit (HKLM\...\{7C1459C6-FC71-45FD-BABB-74578F9ED460}) (Version: 1.0.7 - Steinberg Media Technologies GmbH)
Steinberg The Grand VSTi DXi v2.1.0 (HKLM-x32\...\Steinberg The Grand VSTi DXi_is1) (Version:  - )
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg Virtual Bassist VSTi DXi v1.0 (HKLM-x32\...\Steinberg Virtual Bassist VSTi DXi_is1) (Version:  - )
Steinberg Virtual Guitarist 2 (HKLM-x32\...\VG2_is1) (Version:  - Steinberg Media Technologies GmbH.)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg VST Bass Amp Content (HKLM-x32\...\{A2FC1750-B90F-4948-9D6E-DDDA155C6EC8}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Stellar Phoenix Windows Data Recovery - Home (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Home_is1) (Version: 4.2.0.1 - Stellar Information Systems Ltd)
Steven Slate Avatar Presets (HKLM-x32\...\{1C7497B0-A440-433E-BCF2-D98368D4E753}) (Version: 1.0.0 - Toontrack)
Steven Slate Steven Slate Drums EX (HKLM\...\{faf25835-fc55-4ddd-b1f5-c39ff62f5166}) (Version: 1.0.0.001 - Steven Slate) Hidden
Steven Slate Steven Slate Drums EX (HKLM-x32\...\Steven Slate Steven Slate Drums EX) (Version:  - Steven Slate)
Strongvault Online Backup (HKLM-x32\...\{5E33D30D-D896-4D92-B033-5F45819B2937}) (Version: 5.0.2.34 - Strongvault Online Backup) Hidden <==== ATTENTION
Studio Devil VBA Pro v1.0 (HKLM-x32\...\Studio Devil VBA Pro_is1) (Version:  - StudioDevil)
Style Works 2000 Korg Pa (C:\Program Files (x86)\Style Works 2000 Korg Pa\) (HKLM-x32\...\ST6UNST #3) (Version:  - )
Style Works 2000 Korg Pa (HKLM-x32\...\ST6UNST #2) (Version:  - )
Style Works XT Universal (HKLM-x32\...\ST6UNST #1) (Version:  - )
Sugar Bytes Factory 1.0.1 (HKLM\...\Factory_is1) (Version: 1.0.1 - Sugar Bytes)
Sugar Bytes Guitarist 1.0.2 (HKLM\...\Guitarist_is1) (Version: 1.0.2 - Sugar Bytes)
Sugar Bytes TransVST 1.0 (HKLM\...\TransVST_is1) (Version: 1.0 - Sugar Bytes)
Sugar Bytes Turnado 1.0.1 (HKLM\...\Turnado_is1) (Version: 1.0.1 - Sugar Bytes)
Superior Drummer 64-bit (HKLM\...\{22029AEE-38DF-4E35-AEF4-FE8CA3F6667F}) (Version: 2.3.1 - Toontrack)
Superior Drummer Installer (HKLM-x32\...\{009AC76E-1A66-4682-82B7-417E77F3C648}) (Version: 2.1.1 - Toontrack)
SuperWave P8 (HKLM-x32\...\{B681D0E8-6676-4AB9-846F-38CA5E0B5412}) (Version: 2.4 - SuperWave)
Surfer EQ version 1.2.2 (HKLM\...\{B8D2A156-B2DE-47BD-9789-F1A850F060C1}_is1) (Version: 1.2.2 - Sound Radix)
SWAM The Saxophones version 1.1.1 64bit (HKLM\...\{6A85AE8B-8674-4014-A976-6C7727B585E4}_is1) (Version: 1.1.1 64bit - Samplemodeling)
SWAM The Soprano and Bass Clarinets version 1.0.3 64bit (HKLM\...\{8DD33B84-8B9C-48A6-9075-9BB7F00EE991}_is1) (Version: 1.0.3 64bit - Samplemodeling)
Sylenth1 v2.21 (HKLM\...\Sylenth1_is1) (Version:  - )
Synth One (HKLM-x32\...\{1980CB8C-DFB1-4B8F-9CD6-3DBF79785304}) (Version: 3.4.4 - McDSP)
Synth One (HKLM-x32\...\{8A34CBDA-B483-4D86-942B-5CA27CB1BC95}) (Version: 3.4.4 - McDSP) Hidden
SynthMaster 2.8 VST/VSTi/AAX/Standalone Software Synthesizer version 2.8.10 (HKLM\...\{724D6BD0-88D0-4354-A124-6EE4D36E9EF2}_is1) (Version: 2.8.10 - KV331 Audio)
Synthogy Ivory 1.50 Standalone (HKLM-x32\...\Synthogy Ivory 1.50 Standalone) (Version:  - )
Syntronik version 1.2.0 (HKLM\...\{F4F8EE56-65A3-480C-A0CD-5CCA567A5673}_is1) (Version: 1.2.0 - IK Multimedia)
TAL-U-NO-LX-V2 (64bit) (HKLM\...\{DE42F1AE-940F-43CC-BF5A-3AD522DB9081}) (Version: 1.3.7 - TAL - Togu Audio Line)
TEAM R2R KORG Collection Authorizer (HKLM\...\KORG Collection Authorizer_is1) (Version: 1.0.0 - TEAM R2R)
TEAM R2R Roland Cloud Emulator (HKLM\...\Roland Cloud Emulator_is1) (Version: 1.1.0 - TEAM R2R)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.93231 - TeamViewer)
The Glue (HKLM\...\The Glue_is1) (Version: 1.3.12 - Team V.R)
Tina 9 - TI (HKLM-x32\...\{29EE2D02-34FE-4984-8830-7DEF5C95946E}) (Version: 9.00.000 - DesignSoft)
Tone2 Firebird VSTi v1.2.1 (HKLM-x32\...\Tone2 Firebird VSTi v1.2.1) (Version:  - )
Townsend Labs Sphere version 1.0 (HKLM-x32\...\{76C62E99-20F2-4E77-A787-4F04EDEDABA7}_is1) (Version: 1.0 - Townsend Labs Inc.)
TrackballWorks (HKLM-x32\...\{51ADFD15-6B63-4F8E-8076-F4E31FFEE32A}) (Version: 1.1.15 - Kensington Computer Products Group)
T-RackS 5 version 5.0.0 (HKLM\...\{7609F15A-5EF0-49B8-A6B4-4BBB5FFB9021}_is1) (Version: 5.0.0 - IK Multimedia)
Trackspacer (HKLM\...\Trackspacer_is1) (Version: 2.0.4 - Wavesfactory)
Trash version 2.0.5 (HKLM-x32\...\{4C809F87-3910-4E10-BEF2-F3C6FEA94E2E}_is1) (Version: 2.0.5 - iZotope)
TruePianos 1.9.2 (HKLM\...\TruePianos_is1) (Version:  - 4Front Technologies)
TX16Wx Software Sampler 2 (x64) (HKLM\...\{6C44F0AB-5B75-4585-B629-F9CB51DC8C65}) (Version: 2.402.4351.1048 - CWITEC)
UltimatePluginTool (HKLM-x32\...\UltimateOutsider_UltimatePluginTool) (Version:  - UltimateOutsider)
UltraProgDEMO (HKLM-x32\...\UltraProgDEMO 15.0.2.0) (Version: 3.2.7.0 - UltraProg.co.uk)
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.5.2 - CrystalIDEA Software, Inc.)
UninstallTpkdx64 (HKLM\...\Tpkdx64_is1) (Version:  - )
URS Classic Console Strip Pro VST RTAS v1.0 (HKLM-x32\...\URS Classic Console Strip Pro VST RTAS_is1) (Version:  - )
URS Plug-In Bundle Complete VST RTAS v1.0 (HKLM-x32\...\URS Plug-In Bundle Complete VST RTAS_is1) (Version:  - )
USB Audio Driver for X-USB v4.11.0 (HKLM-x32\...\Software_BEHRINGER_x-usb_audio_Setup) (Version: 4.11.0 - BEHRINGER)
UVI Workstation 1.1.7 (HKLM-x32\...\UVI Workstation_is1) (Version: 1.1.7 - Univers Sons)
UVI Workstation x64 3.0.0 (HKLM\...\UVI Workstation x64_is1) (Version: 3.0.0 - UVI)
V3Sync ReWire Synchronizer (HKLM-x32\...\V3SyncReWireSynchronizer) (Version: 2.5.0.6 - ALIPAPA)
ValhallaFreqEcho version 1.0.5 (HKLM-x32\...\{86164718-6457-42DE-8DB6-EA05F7045F2C}_is1) (Version: 1.0.5 - Valhalla DSP, LLC)
ValhallaPlate version 1.5.0dot25 (HKLM-x32\...\{0FD9F8AC-2CD0-454C-823A-1E076903E795}_is1) (Version: 1.5.0dot25 - Valhalla DSP, LLC)
ValhallaRoom 1.1.0 (HKLM-x32\...\ValhallaRoom_is1) (Version:  - )
ValhallaRoom version 1.1.1 (HKLM-x32\...\{375980F3-1584-496E-888B-BD3D81EF0C1D}_is1) (Version: 1.1.1 - Valhalla DSP, LLC)
ValhallaShimmer version 1.0.3dot4 (HKLM-x32\...\{6955BA75-52B6-4C6F-BCC4-1014920D587C}_is1) (Version: 1.0.3dot4 - Valhalla DSP, LLC)
ValhallaSpaceModulator version 1.0.7 (HKLM-x32\...\{5A8791CD-6E9A-4270-8A0B-D6AC9967877E}_is1) (Version: 1.0.7 - Valhalla DSP, LLC)
ValhallaUberMod version 1.0.2b5dot3 (HKLM-x32\...\{1188FD74-9F6B-4E9A-8D9E-0E81783BB376}_is1) (Version: 1.0.2b5dot3 - Valhalla DSP, LLC)
ValhallaVintageVerb version 1.7.1 (HKLM-x32\...\{F63B0240-2765-450B-81CD-D305D9F53C3D}_is1) (Version: 1.7.1 - Valhalla DSP, LLC)
Vandal 1.0.0.0 (UK) (HKLM-x32\...\Vandal UK) (Version: 1.0.0.0 - MAGIX AG)
VB:FFX-4 Rack (HKLM-x32\...\VB:FFX-4 Rack) (Version:  - )
Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)
Viber (HKLM-x32\...\{1DD6FC81-0552-4E17-B2DC-1023C8FC69A5}) (Version: 8.2.0.1 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\{ee6b9288-8283-46ed-be0b-0f17c1da4bd5}) (Version: 8.2.0.1 - Viber Media Inc.)
Vir2 Electri6ity (HKLM\...\{f77525f8-b425-4868-be5d-3ad46c74381a}) (Version: 1.0.0.001 - Vir2) Hidden
Vir2 Electri6ity (HKLM-x32\...\Vir2 Electri6ity) (Version:  - Vir2)
Virtual CD v10 (HKLM-x32\...\{10C51313-A308-4B40-90E3-B368D5882660}) (Version: 10.10.6 - H+H Software GmbH)
Virtual Drummer SOLID version 1.0.0.1008 (HKLM\...\Virtual Drummer SOLID_is1) (Version: 1.0.0.1008 - NXTGN Music Technology GmbH)
Virtual Guitarist AMBER version 1.0.1 (HKLM-x32\...\9EA83D4D-671C-4BEC-9A66-D3CBC0796FCA_is1) (Version: 1.0.1 - NXTGN Music Technology GmbH)
Virtual Guitarist IRON version 1.0.1 (HKLM-x32\...\{CDC41295-5C54-4598-AC75-63F44EFC3F39}_is1) (Version: 1.0.1 - NXTGN Music Technology GmbH)
Virtual Guitarist SILK version 1.0.0 (HKLM-x32\...\232A9D79-F28F-432D-B3B9-97029962D3A7_is1) (Version: 1.0.0 - NXTGN Music Technology GmbH)
Virtual Guitarist SPARKLE version 1.0.0 (HKLM-x32\...\232A9D79-F28F-432D-B3B9-96029962D3A7_is1) (Version: 1.0.0 - NXTGN Music Technology GmbH)
Visual C++ 64-bit Redistributables (HKLM-x32\...\InstallShield_{FB03650C-B373-4B20-ACA5-B7BA1A8EEE33}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Visual C++ Redistributables (HKLM-x32\...\InstallShield_{F03117FA-9270-46B0-9666-0B4BC2CDEBF5}) (Version: 1.2.0.5555 - PACE Anti-Piracy, Inc.)
Vit Registry Fix 12.7.0 (Remove only) (HKLM\...\Vit Registry Fix) (Version:  - VITSOFT)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
VMS Bundle (HKLM\...\Slate Digital VMS Bundle_is1) (Version: 1.8.6.1 - Slate Digital)
VMware Player (HKLM\...\{E452E727-86B8-4233-8CC3-41FD817AFAFF}) (Version: 6.0.6 - VMware, Inc.) Hidden
VMware Player (HKLM-x32\...\VMware_Player) (Version: 6.0.6 - VMware, Inc)
VocALign Pro 4 VST (64bit) (HKLM\...\{17F13CFE-9956-4688-A875-F00B2EC3C312}) (Version: 4.2 - Synchro Arts Ltd)
VocALign Pro 4 VST (HKLM-x32\...\{EB77C666-B349-4046-8BD3-E4941119E1EF}) (Version: 4.00.0000 - Synchro Arts Ltd)
VocALign Project (HKLM-x32\...\{7E7F3882-48B3-424B-9BE2-D257D1319C59}) (Version: 2.9.1 - Synchro Arts Ltd)
Voices of the Apocylpse Utility 2.0 (HKLM-x32\...\Voices of the Apocylpse Utility 2.0) (Version:  - )
Voxengo Elephant (HKLM\...\Voxengo Elephant_is1) (Version: 4.1 - Voxengo)
Vycro MX (HKLM-x32\...\{E7899BB3-D648-47AB-9913-A75763FF3F8E}_is1) (Version: Vycro MX 1.00 - Psicraft Designs, Inc.)
WaveLab 6 (HKLM-x32\...\WaveLabPro) (Version: 6.1.1.353 - Steinberg)
Waves Central 1.2.0.5 (HKLM-x32\...\{94000200-C561-4E32-99EB-3C5AD3683A70}_is1) (Version: 1.2.0 - Waves, Inc.)
Way out Ware TimewARP2600 VSTi RTAS v1.4.1 (HKLM-x32\...\Way out Ware TimewARP2600 VSTi RTAS_is1) (Version:  - )
WIDI Recognition System Pro 4.3 (remove only) (HKLM-x32\...\WIDI Recognition System Pro 4.3) (Version:  - )
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WordBuilder (HKLM-x32\...\{B7DAD844-34CD-456B-83CC-88065323DD69}) (Version: 1.1.21 - East West)
Xkey Plus version 2.5 (HKLM-x32\...\{C9459F5A-E4EE-4853-AD86-EB1BC71FBCE1}_is1) (Version: 2.5 - CME)
XLN Audio Addictive Keys (HKLM\...\Addictive Keys_is1) (Version: 1.1.4 - XLN Audio)
Yamaha MOTIF XS Editor Standalone/VST (HKLM-x32\...\Yamaha MOTIF XS Editor Standalone_VST) (Version: 1.6.4 - Yamaha Corporation)
Yamaha MOXF6/MOXF8 Editor Standalone/VST (HKLM-x32\...\Yamaha MOXF6_MOXF8 Editor Standalone_VST) (Version: 1.6.3 - Yamaha Corporation)
Yamaha Steinberg USB Driver (HKLM\...\{AB3A0AC0-EDF6-44FD-9601-55B012CFE4CE}) (Version: 1.9.9 - Yamaha Corporation) Hidden
Yamaha Steinberg USB Driver (HKLM-x32\...\InstallShield_{AB3A0AC0-EDF6-44FD-9601-55B012CFE4CE}) (Version: 1.9.9 - Yamaha Corporation)
Yamaha USB-MIDI Driver (HKLM\...\{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation) Hidden
Yamaha USB-MIDI Driver (HKLM-x32\...\InstallShield_{2D488455-3E89-49EF-BA6E-92C2503DC89D}) (Version: 3.1.4.1 - Yamaha Corporation)
Z3TA+ 2 (HKLM-x32\...\Z3TA+ 2_is1) (Version: 2.1 - Cakewalk Music Software)
ZenitSuite Ver 1.8 (HKLM-x32\...\ZenitSuite Ver 1.8_is1) (Version:  - Stortini Mirko Bruno)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2471529075-549776662-2202226941-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2471529075-549776662-2202226941-1000_Classes\CLSID\{20A214C8-BA54-49EE-A642-70B54C9D020F}\InprocServer32 -> C:\Windows\system32\kernel32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2471529075-549776662-2202226941-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\vm\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2471529075-549776662-2202226941-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\vm\AppData\Local\Google\Update\1.3.33.17\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers2-x32: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlex.dll [2014-09-06] (Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxShlEx64.dll [2014-09-06] (Alcohol Soft Development Team)
ContextMenuHandlers2-x32: [DaemonShellExtDrive] -> {A5415364-784A-41A5-B47A-D452909CA8FF} => C:\Program Files\DAEMON Tools Pro\DTShl64.dll [2016-03-29] (Disc Soft Ltd)
ContextMenuHandlers2-x32-x32: [VMDiskMenuHandler] -> {271DC252-6FE1-4D59-9053-E4CF50AB99DE} => C:\Program Files (x86)\VMware\VMware Player\vmdkShellExt.dll [2015-04-28] (VMware, Inc.)
ContextMenuHandlers2-x32-x32: [VMDiskMenuHandler64] -> {E4D28EDC-8C0B-43EE-9E7D-C8A8682334DC} => C:\Program Files (x86)\VMware\VMware Player\x64\vmdkShellExt64.dll [2015-04-28] (VMware, Inc.)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\atiacm64.dll [2015-08-04] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-03-02] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-03-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {094FD297-496B-40A9-9CA1-5E3370BDE500} - System32\Tasks\RunUninstallTool_SkipUac => C:\Program Files\Uninstall Tool\UninstallTool.exe [2017-04-08] (CrystalIDEA Software)
Task: {11C7E7D3-6BE2-4ED1-A4C3-E39710D7A5C7} - System32\Tasks\{F59D4B74-9BDB-4B4E-B70B-9A546D5A51CC} => C:\Program Files\Steinberg\Cubase 8\Cubase8.exe [2016-03-24] (Steinberg Media Technologies)
Task: {15102DBD-014F-4D9E-A7F9-CBAF9809B4B5} - System32\Tasks\haymarkethaymarket => C:\Program Files (x86)\aversa\aversa.exe
Task: {196EDC03-D2BA-4665-9410-311BD60BB42A} - System32\Tasks\{1DEBCE07-71D0-448C-B4CA-7EF2CD1E21E7} => C:\Program Files\Steinberg\Cubase 8\Cubase8.exe [2016-03-24] (Steinberg Media Technologies)
Task: {3482A069-2C33-43E2-B2BF-52AE36468DB8} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe
Task: {371FE530-F28F-432C-9686-9C4127ADBA56} - System32\Tasks\{79E0D747-954A-3808-F527-3E0E4315B31C} => C:\Users\vm\AppData\Local\{667F5~1\UPDATE~1.EXE <==== ATTENTION
Task: {45365893-1F3F-48B3-9242-022FCAC0CCF4} - System32\Tasks\{9715ADF3-AB9B-40DE-8783-47839497EDD5} => C:\Windows\system32\pcalua.exe -a "I:\Downloads\Samplemodeling's Mr. Sax T. Teno..\Samplemodeling's Mr. Sax T. Tenor Saxophone V1.01\Mr. Sax T Setup.exe" -d "I:\Downloads\Samplemodeling's Mr. Sax T. Teno..\Samplemodeling's Mr. Sax T. Tenor Saxophone V1.01"
Task: {515DABD5-DE49-4EB3-9576-2659A426CE19} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {537BE687-F3D3-4113-9E15-9983A07096C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {56072FD3-5C0F-41C3-88AD-FD9D32A8C682} - System32\Tasks\{CED753EC-B7A9-4401-91C1-A3D0EF752DD1} => C:\Windows\system32\pcalua.exe -a C:\Users\vm\Downloads\install_flash_player(1).exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {56DC097B-3A81-4D78-A243-9B3ACE661995} - System32\Tasks\{6210E93B-1222-40D1-B31D-38A27C79EE13} => C:\Program Files\Steinberg\Cubase 8\Cubase8.exe [2016-03-24] (Steinberg Media Technologies)
Task: {59789DE4-A1DD-4CEC-BB33-6C86B3652C80} - \AutoKMS -> No File <==== ATTENTION
Task: {6006779E-25BA-46F6-B451-D1047958C274} - System32\Tasks\haymarket => C:\Program Files (x86)\aversa\aversa.exe
Task: {6B1FE427-C500-48E1-BCAF-B6FD024F3BEB} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2471529075-549776662-2202226941-1000Core => C:\Users\vm\AppData\Local\Google\Update\GoogleUpdate.exe [2018-02-15] (Google Inc.)
Task: {813E4256-CFF7-4ACC-A576-AB3319B8B296} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2018-01-08] (Apple Inc.)
Task: {8B269F31-AF17-49DB-A3BD-807346E29CCA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd)
Task: {8BEF45B1-E892-4CC6-AC09-E882CB7E80F9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2471529075-549776662-2202226941-1000UA => C:\Users\vm\AppData\Local\Google\Update\GoogleUpdate.exe [2018-02-15] (Google Inc.)
Task: {A2B1F271-D75D-4345-927D-C59AD4C44D3B} - System32\Tasks\{CDB0DB57-FC4D-4130-AD1E-27FBD57FFA81} => C:\Windows\system32\pcalua.exe -a C:\Users\vm\Desktop\Virtual.CD.v10.1.0.6.Retail\setup.exe -d C:\Users\vm\Desktop\Virtual.CD.v10.1.0.6.Retail
Task: {A42211CE-6425-486E-A406-2846885FC4B1} - System32\Tasks\{13B2C84A-B69F-4786-8892-53B90FD9E9DF} => C:\Windows\system32\pcalua.exe -a "I:\Lennardigital Sylenth1 VSTi v2.2 - Dynamics\Sylenth1_setup.exe" -d "I:\Lennardigital Sylenth1 VSTi v2.2 - Dynamics"
Task: {CB428F29-5BBD-42D7-BBE8-DA0C00C6198F} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
Task: {E0BEDAC8-F05B-47DB-954B-02DDC28CB89F} - System32\Tasks\{58465676-849E-4DEE-B221-CF063EAB8C51} => C:\Windows\system32\pcalua.exe -a "Q:\FATALY IMPORTANT!! Vadim\7-25-11\Lennardigital Sylenth1 VSTi v2.2 - Dynamics\Sylenth1_setup.exe" -d "Q:\FATALY IMPORTANT!! Vadim\7-25-11\Lennardigital Sylenth1 VSTi v2.2 - Dynamics"
Task: {EA6F373C-B329-4120-BC33-A7D7A560F872} - System32\Tasks\{DD230CCA-0981-4475-8369-1AA318EBC91B} => C:\Windows\system32\pcalua.exe -a D:\wizardinstallv5.exe -d D:\
Task: {ED0D454D-1EFF-4FA8-AF51-B8A82BE9977B} - System32\Tasks\{13829813-198C-4C79-BE86-F74FE4B23EA3} => C:\Windows\system32\pcalua.exe -a "I:\Lennardigital Sylenth1 VSTi v2.2 - Dynamics\Sylenth1_setup.exe" -d "I:\Lennardigital Sylenth1 VSTi v2.2 - Dynamics"
Task: {F5C7E59B-D4E0-40B5-B1B4-35649C6CDA69} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\{79E0D747-954A-3808-F527-3E0E4315B31C}.job => C:\Users\vm\AppData\Local\{667F5~1\UPDATE~1.EXE <==== ATTENTION

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-04-28 14:35 - 2015-04-28 14:35 - 001301720 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:482EE99B1E21CE8C [1]
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:R1MvNjk7XkVLTmiBK1 [2372]
AlternateDataStreams: C:\Program Files\Common Files\System:5ENGRT6Q2fqVAcMUG3mxNmKMegNH [2506]
AlternateDataStreams: C:\Users\vm\AppData\Local:du936RnU9sWfc1LTIsNa [2522]
AlternateDataStreams: C:\Users\vm\AppData\Local:QdXagd6Pz0ToNLiJY1tVNg [2478]
AlternateDataStreams: C:\Users\vm\AppData\Local:WEudISZj16xmnRmW56GL [2712]
AlternateDataStreams: C:\Users\vm\AppData\Local\84Sv155J:9GPEbE2q48yjkRxc6iXxDEomtZ [2808]
AlternateDataStreams: C:\Users\vm\AppData\Local\h1WYE7t0k5:U4zrhoXDLtuTdeYW4gV9KPkXo7O [549]
AlternateDataStreams: C:\Users\vm\AppData\Local\hTjvi9neXIuST:WTFQpVOVz4xSboomLLVgtBpI0n [2612]
AlternateDataStreams: C:\Users\vm\AppData\Local\Temp:uNFW1dnT1xHk2tbyLC7wHYpkqT [2480]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr:  =>  <==== ATTENTION
HKU\S-1-5-21-2471529075-549776662-2202226941-1000\Software\Classes\regfile: regedit.exe "%1" <==== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2471529075-549776662-2202226941-1000\...\line6.net -> line6.net

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2018-07-18 19:51 - 000001823 _____ C:\Windows\system32\Drivers\etc\hosts

0.0.0.0 serius.mwbsys.com
0.0.0.0 localhost
0.0.0.0 tone2.com
0.0.0.0 www.tone2.com
0.0.0.0 tone2.net
0.0.0.0 www.tone2.net
104.251.211.173 clients2.google.com
127.0.0.1 wemsofts.com
127.0.0.1 bongadoom.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 internalcampaigntargets.com
127.0.0.1 bongadoom.com
127.0.0.1 getthefilenow.com
127.0.0.1 bigpicturepop.com
127.0.0.1 wizzcaster.com
127.0.0.1 bestoffersfortoday.com
127.0.0.1 wepcmainsystem.com
127.0.0.1 agent.wizztrakys.com
127.0.0.1 csdimonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 titiaredh.com
127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
127.0.0.1 mess1.wizzmonetize.com
127.0.0.1 dl.azalee.site
127.0.0.1 dl.smashdl.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2471529075-549776662-2202226941-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\vm\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: AcrSch2Svc => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: afcdpsrv => 2
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: Apple Mobile Device Service => 2
MSCONFIG\Services: AxAutoMntSrv => 2
MSCONFIG\Services: Backupper Service => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BotkindSyncService => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: DigiRefresh => 2
MSCONFIG\Services: Disc Soft Pro Bus Service => 3
MSCONFIG\Services: Disc Soft Ultra Bus Service => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: Focusrite Control Server => 2
MSCONFIG\Services: GMMDIIdentificationService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Seagate Dashboard Services => 2
MSCONFIG\Services: StarWindServiceAE => 2
MSCONFIG\Services: syncagentsrv => 2
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VC10SecS => 2
MSCONFIG\Services: WMPNetworkSvc => 2
MSCONFIG\Services: wscsvc => 2
MSCONFIG\Services: wuauserv => 2
MSCONFIG\Services: YmNmY2MzODdiN2Q3 => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CodeMeter Control Center.lnk => C:\Windows\pss\CodeMeter Control Center.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FireBox Control Panel.lnk => C:\Windows\pss\FireBox Control Panel.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MOTU Pedal Service.lnk => C:\Windows\pss\MOTU Pedal Service.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^X-USB Control Panel Autostart.lnk => C:\Windows\pss\X-USB Control Panel Autostart.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^vm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Cubase8.exe - Shortcut.lnk => C:\Windows\pss\Cubase8.exe - Shortcut.lnk.Startup
MSCONFIG\startupfolder: C:^Users^vm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^rwgchbec.lnk => C:\Windows\pss\rwgchbec.lnk.Startup
MSCONFIG\startupfolder: C:^Users^vm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^watch.lnk => C:\Windows\pss\watch.lnk.Startup
MSCONFIG\startupfolder: C:^Users^vm^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^watchwatch.lnk => C:\Windows\pss\watchwatch.lnk.Startup
MSCONFIG\startupreg: Adobe ARM =>
MSCONFIG\startupreg: ARCYFQJGND.exe => C:\Users\vm\AppData\Roaming\be27a74ac113459ea081232bd9a66a53\ARCYFQJGND.exe
MSCONFIG\startupreg: Bielecki => "C:\Program Files (x86)\Pillory\Academie.exe" zhheaa
MSCONFIG\startupreg: BitTorrent =>
MSCONFIG\startupreg: bogosian => "C:\Program Files (x86)\Pillory\Academie.exe" zhheaa
MSCONFIG\startupreg: Brakes => "C:\Program Files (x86)\Pillory\Academie.exe" zhheaa
MSCONFIG\startupreg: Brownson => "C:\Program Files (x86)\impersonation\Monitors.exe" zhheaa
MSCONFIG\startupreg: Confession => "C:\Program Files (x86)\impersonation\Monitors.exe" zhheaa
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun
MSCONFIG\startupreg: DBAgent =>
MSCONFIG\startupreg: DigidesignMMERefresh =>
MSCONFIG\startupreg: Google Update => C:\Users\vm\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
MSCONFIG\startupreg: IntelliPoint => "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
MSCONFIG\startupreg: Kensington TrackballWorks => "C:\Program Files (x86)\Kensington\TrackballWorks\TbwHelper.exe"
MSCONFIG\startupreg: KORG USB-MIDI Driver => C:\Program Files (x86)\KORG\KORG USB-MIDI Driver\EsHelper2.exe /s
MSCONFIG\startupreg: LogiOptions => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui
MSCONFIG\startupreg: Mib => "C:\Program Files (x86)\Grog\Academie.exe" zhheaa
MSCONFIG\startupreg: pedaled => "C:\Program Files (x86)\semiprofessional\pedaled.exe" zhheaa
MSCONFIG\startupreg: QuickTime Task =>
MSCONFIG\startupreg: Shreveport => "C:\Program Files (x86)\impersonation\Monitors.exe" zhheaa
MSCONFIG\startupreg: SMessaging =>
MSCONFIG\startupreg: Spurted => "C:\Program Files (x86)\impersonation\Monitors.exe" zhheaa
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
MSCONFIG\startupreg: Swarms => "C:\Program Files (x86)\Grog\Academie.exe" zhheaa
MSCONFIG\startupreg: Tablespoons => "C:\Program Files (x86)\Grog\Academie.exe" zhheaa
MSCONFIG\startupreg: Thar => "C:\Program Files (x86)\Pillory\Academie.exe" zhheaa
MSCONFIG\startupreg: TrueImageMonitor.exe =>
MSCONFIG\startupreg: Uploader =>
MSCONFIG\startupreg: VC10Player => C:\Program Files (x86)\Virtual CD v10\System\VC10Play.exe
MSCONFIG\startupreg: Workup => "C:\Program Files (x86)\Pillory\Academie.exe" zhheaa

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{32221A5A-E2BB-4E5E-BCF2-47DB023793A1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{4AD2127A-9E13-45AD-9F9D-5311EBEAB538}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{F4E783DF-F8B2-45D1-8956-AC3B36974FF7}C:\program files (x86)\room eq wizard v5\roomeqwizard.exe] => (Block) C:\program files (x86)\room eq wizard v5\roomeqwizard.exe
FirewallRules: [UDP Query User{05C42E76-6995-4875-9860-9312BBEF9BCC}C:\program files (x86)\room eq wizard v5\roomeqwizard.exe] => (Block) C:\program files (x86)\room eq wizard v5\roomeqwizard.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{F5ECE563-F241-490C-86D4-0803C008583A}C:\program files\steinberg\cubase 8\cubase8.exe] => (Allow) C:\program files\steinberg\cubase 8\cubase8.exe
FirewallRules: [UDP Query User{FEBDAA8C-2E43-4B20-800E-72C2F7A40082}C:\program files\steinberg\cubase 8\cubase8.exe] => (Allow) C:\program files\steinberg\cubase 8\cubase8.exe
FirewallRules: [TCP Query User{F1B318BC-E82F-442F-8DB7-CCBEF1A2A9E5}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [UDP Query User{48F57444-F9F1-4F20-9F39-09E662E5980B}C:\program files (x86)\qbittorrent\qbittorrent.exe] => (Allow) C:\program files (x86)\qbittorrent\qbittorrent.exe
FirewallRules: [TCP Query User{0249F452-703E-406B-A35E-FCF0B5B2C8B2}C:\users\vm\desktop\x32-edit.exe] => (Allow) C:\users\vm\desktop\x32-edit.exe
FirewallRules: [UDP Query User{D353A8BA-AE6E-4E99-9CEE-BD6E685C9BB2}C:\users\vm\desktop\x32-edit.exe] => (Allow) C:\users\vm\desktop\x32-edit.exe
FirewallRules: [TCP Query User{398DE9AB-42DF-47FE-895B-96E3E3E39EB2}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{7552E279-C735-49C2-9468-4C12BC597979}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [TCP Query User{363387E0-4A1D-40FF-8FF1-3D8308897239}C:\program files (x86)\sonic visualiser\sonic visualiser.exe] => (Allow) C:\program files (x86)\sonic visualiser\sonic visualiser.exe
FirewallRules: [UDP Query User{88062A1D-AE74-4D25-A819-551B1DED366F}C:\program files (x86)\sonic visualiser\sonic visualiser.exe] => (Allow) C:\program files (x86)\sonic visualiser\sonic visualiser.exe
FirewallRules: [TCP Query User{3510C91B-3C71-4532-B3EF-AFF74CE6EB74}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{90C805AF-4B61-475F-B4E2-C297E6C4EFD3}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{A486A660-34A0-4315-BCE8-766353A42CCC}] => (Allow) LPort=8317
FirewallRules: [TCP Query User{DB0A975D-E9A1-4287-AB60-DC5AED880B01}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [UDP Query User{54B2724F-4E2A-4B8E-B9A6-3C4799EFBE4D}C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe] => (Allow) C:\program files\steinberg\cubase 8\components\vstbridgeapp.exe
FirewallRules: [{16BCCC19-5758-437D-8610-EC50F35788A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E17AA99D-6958-483E-9D02-3E9AAFD4DC80}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{1A793B37-899F-4B06-B8AB-49EE023428C6}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B68E5A72-FF9B-4462-8E37-9BA49AE0CD86}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{ECE62D34-8C0F-4098-98D2-F5BEC776E488}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{A6780F7D-EC4F-4EB3-8FF8-AB74DBA2B2D6}C:\program files\reaper (x64)\reaper.exe] => (Allow) C:\program files\reaper (x64)\reaper.exe
FirewallRules: [UDP Query User{4DB7F116-1DC0-4D62-8441-270E6B88BF1E}C:\program files\reaper (x64)\reaper.exe] => (Allow) C:\program files\reaper (x64)\reaper.exe
FirewallRules: [TCP Query User{8C54A13D-731C-459E-A65F-B85F24A5C648}C:\program files (x86)\image-line\fl studio 12\system\tools\bridge\64bit\ilbridge.exe] => (Allow) C:\program files (x86)\image-line\fl studio 12\system\tools\bridge\64bit\ilbridge.exe
FirewallRules: [UDP Query User{018ADAE7-81E6-4DAD-8F78-48AF38DDCAEE}C:\program files (x86)\image-line\fl studio 12\system\tools\bridge\64bit\ilbridge.exe] => (Allow) C:\program files (x86)\image-line\fl studio 12\system\tools\bridge\64bit\ilbridge.exe
FirewallRules: [{624F14B0-FBA7-46E5-96AA-E8857655907D}] => (Allow) LPort=51111
FirewallRules: [{29AA157D-B490-43A0-B467-67BAC5A5D0DA}] => (Allow) LPort=51112
FirewallRules: [{071863A7-C794-49C7-B2FD-075AE339A0B7}] => (Allow) LPort=51113
FirewallRules: [{60BEC37C-9CF9-4650-B40F-8316901E136A}] => (Allow) C:\Program Files\Steinberg\Cubase 8\Cubase8.exe
FirewallRules: [{F5EA4532-302C-424F-AE05-C02F09605BBB}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{D2044AEC-E85E-423F-ABCC-FC220BF403A4}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{F746B62A-1DC0-442B-9C1C-58B9137309E9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FF550FB6-4723-489F-91C4-2E8AFD4997E2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{A88400F2-F0C0-4747-ADA2-9C23A0D4A95D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4ED9DC37-097D-4034-877B-6843E60557EA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{BE0A47C4-A702-465F-97D2-8E4FB94CD752}C:\programdata\spectrasonics\omnisphere.exe] => (Block) C:\programdata\spectrasonics\omnisphere.exe
FirewallRules: [UDP Query User{B82C1716-F7F7-4A47-8EA6-6DAA7947E288}C:\programdata\spectrasonics\omnisphere.exe] => (Block) C:\programdata\spectrasonics\omnisphere.exe
FirewallRules: [{0F509096-7A07-4570-AE94-B8A760CACFD7}] => (Allow) C:\Program Files\Focusrite\Focusrite Control\Server\ControlServer.exe
FirewallRules: [TCP Query User{EADF66DF-6C53-4CFE-B218-5BE5660A83AB}C:\program files\common files\native instruments\komplete kontrol\scanpluginsapp_x64.exe] => (Block) C:\program files\common files\native instruments\komplete kontrol\scanpluginsapp_x64.exe
FirewallRules: [UDP Query User{A1489DB1-472E-49ED-8BE4-4F440E5F3E5D}C:\program files\common files\native instruments\komplete kontrol\scanpluginsapp_x64.exe] => (Block) C:\program files\common files\native instruments\komplete kontrol\scanpluginsapp_x64.exe
FirewallRules: [{81C2ADA2-BBEE-46A5-A836-0FBBCE30DA3F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B956AF22-A4C9-40FE-9FF6-DFAEC9645B70}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{37ECF627-0518-459A-A531-1EAD95FD5857}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE
FirewallRules: [{0A2C5A16-6725-45EC-846A-4E597C80F9CE}] => (Allow) C:\Program Files (x86)\Pillory\Academie.exe
FirewallRules: [{399A500E-68E5-4E29-BB2C-3E52A7286C45}] => (Allow) C:\Program Files (x86)\Grog\Academie.exe
FirewallRules: [{4EC3F654-D6FF-4D22-874E-3010E05880F4}] => (Allow) C:\Program Files (x86)\impersonation\Monitors.exe
FirewallRules: [{0A46C85B-13A0-488A-A994-40FC8B648AC3}] => (Allow) C:\Program Files (x86)\Grog\Monitors.exe
FirewallRules: [{2A589169-F6BA-4AAC-8675-0F45658FE057}] => (Allow) H:\Download Loops Here\Malwarebytes Anti-Malware Premium v2.2.1.1043 Portable by Foxx PortableAppZ\MalwarebytesPremiumPortable_2.2.1.1043-Rev4\App\Malwarebytes\mbam.exe
FirewallRules: [{1F37AEB2-8D53-418D-A377-C43CF37052A1}] => (Allow) H:\Download Loops Here\Malwarebytes Anti-Malware Premium v2.2.1.1043 Portable by Foxx PortableAppZ\MalwarebytesPremiumPortable_2.2.1.1043-Rev4\App\Malwarebytes\mbam.exe
FirewallRules: [{3C6B6BF7-57EE-4F40-9697-3B69AE0FB641}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{AAC9C133-2DBB-4B0D-9CAD-6A465807CC8A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe] => Enabled:Windows Messanger
StandardProfile\AuthorizedApplications: [C:\Users\vm\AppData\Roaming\WH4O9FKJ5T.exe] => Enabled:Windows Messanger

==================== Restore Points =========================

18-07-2018 19:57:39 Checkpoint by HitmanPro
18-07-2018 19:58:03 Checkpoint by HitmanPro

==================== Faulty Device Manager Devices =============

Name: Standard floppy disk controller
Description: Standard floppy disk controller
Class Guid: {4d36e969-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard floppy disk controllers)
Service: fdc
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: YzNjMjMxZmU3NGI5N
Description: YzNjMjMxZmU3NGI5N
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: YzNjMjMxZmU3NGI5N
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2018 03:43:55 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2018-07-19T15:43:55.939-04:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (07/18/2018 08:00:14 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2018-07-18T20:00:14.436-04:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (07/18/2018 07:54:18 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2018-07-18T19:54:18.830-04:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (07/18/2018 07:42:10 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2018-07-18T19:42:10.867-04:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (07/18/2018 07:33:40 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2018-07-18T19:33:40.578-04:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (07/18/2018 05:25:01 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2018-07-18T17:25:01.823-04:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (07/18/2018 05:10:25 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2018-07-18T17:10:25.004-04:00| vthread-4| E105: Cannot find perfmon object in array returned by perfDLL, index=0

Error: (07/18/2018 05:06:29 PM) (Source: vmauthd) (EventID: 1000) (User: )
Description: 2018-07-18T17:06:29.926-04:00| vthread-5| E105: Cannot find perfmon object in array returned by perfDLL, index=0


System errors:
=============
Error: (07/19/2018 03:48:46 PM) (Source: mouclass) (EventID: 10) (User: )
Description: Could not disable interrupts on connected port device \Device\PointerClass4.

Error: (07/19/2018 03:48:04 PM) (Source: mouclass) (EventID: 10) (User: )
Description: Could not disable interrupts on connected port device \Device\PointerClass1.

Error: (07/19/2018 03:47:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/19/2018 03:47:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/19/2018 03:47:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/19/2018 03:47:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/19/2018 03:47:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/19/2018 03:47:51 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.


Windows Defender:
===================================
Date: 2017-01-16 14:08:49.227
Description:
Windows Defender has detected spyware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid=37020&name=SoftwareBundler:Win32/Penzievs&threatid=226179
Name:SoftwareBundler:Win32/Penzievs
ID:226179
Severity:High
Category:Software Bundler
Path Found:containerfile:C:\Users\vm\AppData\Local\Temp\nsa426A.tmp\zMCExlIZgP.exe;file:C:\Users\vm\AppData\Local\Temp\nsa426A.tmp\zMCExlIZgP.exe->(nsis-instdata);process:pid:8112
Detection Type:Concrete
Detection Source:Real-Time Protection
Status:Unknown
Process Name:

Date: 2017-07-11 19:53:35.582
Description:
Windows Defender has encountered an error trying to load signatures and will attempt reverting back to a known-good set of signatures.
Signatures Attempted:Current
Error Code:0x80070003
Error description:The system cannot find the path specified.
Signature version:0.0.0.0
Engine version:0.0.0.0

Date: 2016-05-11 03:05:05.904
Description:
%1 engine has been terminated due to an unexpected error.
Failure Type:%5
Exception code:%6
Resource:%3

CodeIntegrity:
===================================

Date: 2017-12-04 19:07:19.996
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-12-04 19:07:19.995
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\AtihdW76.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-22 14:43:51.848
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-22 14:43:51.833
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-22 14:42:49.164
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-22 14:42:49.132
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-22 14:37:07.782
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-11-22 14:37:07.754
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\tbwkern.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 920 @ 2.67GHz
Percentage of memory in use: 12%
Total physical RAM: 24566.12 MB
Available physical RAM: 21384.55 MB
Total Virtual: 24664.3 MB
Available Virtual: 21484.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:23.3 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive g: (Projects Sessions) (Fixed) (Total:931.51 GB) (Free:345.96 GB) NTFS
Drive h: (Sample Content) (Fixed) (Total:1863.01 GB) (Free:104.62 GB) NTFS
Drive l: (Sample Content 2) (Fixed) (Total:894.25 GB) (Free:44.93 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: CF6F72D0)
Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 8596DA9C)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 333E3DA5)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7/8/10) (Size: 894.3 GB) (Disk ID: B765136A)
Partition 1: (Not Active) - (Size=894.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================



#5 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,925 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:45 AM

Posted 19 July 2018 - 03:24 PM

You will need another computer to download FRST64 to a USB drive, run FRST64 in the Recovery Environment, then back in Normal Mode.

Please download Farbar Recovery Scan Tool in an uninfected computer and save it to a flash drive (Pen Drive).

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. In your case is FRST64.exe

Please also download the attached file Attached File  Fixlist.txt   8.08KB   15 downloads and save it in the same location the FRST64 is saved in the flash drive.

Boot to the Recovery Console's Command prompt in the infected computer.

Boot in the Recovery Environment

  • Plug your USB Flash Drive in the infected computer
  • To enter the Recovery Environment with Windows Vista and Windows 7, follow the instructions below:
  • Restart the computer
  • Once you've seen your BIOS splashscreen (the computer manufacturer logo), tap the F8 key repeatedly until the Advanced Boot Options menu appears
  • Use the arrow keys to select Repair your computer, and press on Enter
  • Select your keyboard layout (US, French, etc.) and click on Next
  • Click on Command Prompt to open the command prompt
    Note: If you can't access the Recovery Environment using the F8 method above, you'll need to create a Windows installation or repair media. It can be made on the computer itself or another one running the same version of Windows as the one you plan to use it on. For more information, check out this tutorial on SevenForums.

Once in the Command prompt:

  • In the command prompt, type notepad and press on Enter
  • Notepad will open. Click on the File menu and select Open
  • Click on Computer/This PC, find the letter for your USB Flash Drive, then close the window and Notepad
  • In the command prompt, type e:\frst.exe (for the x64 version, type e:\frst64.exe and press on Enter
  • Note: Replace the letter e with the drive letter of your USB Flash Drive
  • FRST will open
  • Click on Yes to accept the disclaimer
  • First press the Scan button. That will deactivate the rootkit. Once the scan is finished, press the Fix button
  • These actions will make two logs, a Fixlog.txt and a FRST.txt logs in the flash drive. Please copy and paste them in your reply

Once finished in the Recovery Environment, restart the computer in Normal Mode.

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version. In your case is FRST64.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Make sure that under Optional Scans, there is a checkmark on Addition.txt.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also produce another log (Addition.txt ). Please attach this to your reply.

I will expect the following reports:

Frst.txt produced in the Recovery Environment
Fixlog.txt produced in the Recovery Environment
Frst.txt produced in Normal Mode
Addition.txt produced in Normal Mode

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#6 vad777

vad777
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 19 July 2018 - 04:29 PM

I keep trying to enter advanced boot by Pressing F8 on start but it only opens boot drive order selection , and I select USB drive but it boots into windows normaly anyways

#7 vad777

vad777
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 19 July 2018 - 04:50 PM

This is what appears when I press F8 on start up.

Attached Files


Edited by vad777, 19 July 2018 - 04:51 PM.


#8 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,925 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:45 AM

Posted 19 July 2018 - 04:58 PM

Looks like a boot menu.

 

Use this batchfiile: Attached File  boot_into_RE_2.zip   1.26KB   11 downloads


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#9 vad777

vad777
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 19 July 2018 - 05:01 PM

Ok I had to press F8 again after boot selection.

Now it gives me error "the boot selection failed because a required device is inaccessible"

Edited by vad777, 19 July 2018 - 05:02 PM.


#10 vad777

vad777
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 19 July 2018 - 05:13 PM

This is the screen that comes up now

Attached Files



#11 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,925 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:45 AM

Posted 19 July 2018 - 05:43 PM

Sent you a message:

 


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#12 vad777

vad777
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 19 July 2018 - 06:02 PM

Sent you a message:

 

attachicon.gifRufus.jpg

thank you. 

this is not gonna reinstall entire windows system i hope ? 

becuase it will take me many days reinstalling all audio and video software and plugins



#13 vad777

vad777
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 19 July 2018 - 06:54 PM

This is worse than I thought.
This computer can't even see this USB thumb drive.
When going under disk management it shows this error:

Attached Files



#14 JSntgRvr

JSntgRvr

    Master Surgeon General


  • Malware Response Team
  • 11,925 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Puerto Rico
  • Local time:11:45 AM

Posted 19 July 2018 - 07:06 PM

Check the Device Manager.

 

To open it, press Windows Key + R, type “devmgmt.msc” into the Run dialog, and press Enter.

 

Look under Disk drives and check for any devices with a yellow exclamation mark next to them. If you see a yellow exclamation mark, you have a driver problem. Right-click the device with a yellow exclamation mark, select Properties, and look at the error message. This error message can help you fix the problem.

 

Does Rufus detect it? Do you have another computer to test the USB drive? Is it detected during the Boot Menu?


No request for help throughout private messaging will be attended.

If I have helped you, consider making a donation to help me continue the fight against Malware!
btn_donate_SM.gif


#15 vad777

vad777
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:04:45 PM

Posted 19 July 2018 - 07:12 PM

Yes its detected in the boot selection,
but I dont know which drive letter it is, in order to selected it in repair computer command prompt..




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users