
Mbam complains constantly


cybertears

Hi!

Mbam has started complaining about the same file all the time.

 

Malwarebytes
www.malwarebytes.com

-Logginformation-
Datum för skyddshändelse: 2021-08-08
Tid för skyddshändelse: 09:30
Loggfil: dc4f4b94-b033-11eb-9744-309c2342e417.json

-Programvaruinformation-
Version: 4.3.0.98
Komponentversion: 1.0.1273
Uppdatera paketversionen: 1.0.40232
Licens: Premium

-Systeminformation-
OS: Windows 10 (Build 19042.928)
CPU: x64
Filsystem: NTFS
Användare: System

-Information om blockerad skadlig kod-
Fil: 1
Malware.Heuristic.1003, C:\Windows\assembly\NativeImages_v2.0.50727_32\BdmuxInterface\09ca543914be767ca788c735a3586233\BdmuxInterface.ni.dll, I karantän, 1000001, 0, 1.0.40232, 0000000000000000000003EB, dds, 01235665, 3DFE7C40B6E23E4B2E014C3BFF755FDC, 3ACAA44ACF2DD52B088B001158F78F293C65AA981701292D1087F6F7FE443D7E


(end)

I ran FRST and am wondering about this:

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

FireFox:
========
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-01-17] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-01-17] <==== ATTENTION


Chrome: 
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

ESET online scanning doesn't find anything, at least. Should I be worried?
 


cybertears

Here is the FRST log:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2021
Ran by jessi (administrator) on JESSE-MONSTERDA (MSI MS-7A39) (08-08-2021 09:26:37)
Running from C:\Users\jessi\Downloads
Loaded Profiles: jessi
Platform: Windows 10 Pro Version 21H1 19043.1110 (X64) Language: Svenska (Sverige)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.CpuIdRemote64.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.DisplayAdapter.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe
(Corsair Memory, Inc. -> Corsair Memory, Inc.) C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe
(DOTPDN LLC -> dotPDN LLC) C:\Program Files\paint.net\PaintDotNet.exe
(FOXIT SOFTWARE INC. -> Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <54>
(HP Inc. -> HP Inc.) C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
(Huawei Technologies Co., Ltd. -> ) C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe
(Logitech Inc -> Logitech) C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Manhattan Engineering Incorporated -> Kite) C:\Program Files\Kite\KiteService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileCoAuth.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_4.1.6.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12105.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.21061.10121.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mobsync.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Nitro PDF Software -> Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(Nitro PDF Software -> Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe <3>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(Nvidia Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe <2>
(Open Media LLC -> ) C:\Program Files (x86)\4KDownload\4kvideodownloader\crashpad_handler.exe
(Open Media LLC -> Open Media LLC) C:\Program Files (x86)\4KDownload\4kvideodownloader\4kvideodownloader.exe
(OVPN Integritet AB -> ) C:\Program Files (x86)\OVPN\ovpn-daemon.exe
(OVPN Integritet AB -> OVPN Integritet AB) C:\Program Files (x86)\OVPN\OVPN.exe
(Realtek Semiconductor Corp) C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj\RtkUWP.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <2>
(Signify Netherlands B.V. -> Signify Netherlands B.V.) C:\Program Files\Hue Sync\HueSync.exe
(Spotify AB -> Spotify Ltd) C:\Users\jessi\AppData\Roaming\Spotify\Spotify.exe <6>
(Synology Inc. -> ) C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
(TeamViewer Germany GmbH -> ) C:\Windows\Temp\nsr805F.tmp\TvUpdateInfo.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\ProgramData\Wondershare\Service\InstallAssistService.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [956920 2019-12-11] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Discord] => C:\ProgramData\SquirrelMachineInstalls\Discord.exe [61370712 2020-04-11] (Discord Inc. -> Discord Inc.)
HKLM-x32\...\Run: [CORSAIR iCUE Software] => C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\iCUE Launcher.exe [410152 2020-03-13] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
HKLM\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\Update\OneDriveSetup.exe"
HKLM\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Program Files\Microsoft OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-19\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart
HKU\S-1-5-20\...\RunOnce: [OneDrive] => C:\Program Files (x86)\Microsoft OneDrive\OneDrive.exe /background /setautostart
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Run: [OneDrive] => C:\Program Files\Microsoft OneDrive\OneDrive.exe [2334568 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Run: [Discord] => C:\Users\jessi\AppData\Local\Discord\Update.exe [1512760 2020-12-03] (Discord Inc. -> GitHub)
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3371296 2020-04-04] (Valve -> Valve Corporation)
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Run: [QMxNetworkSync] => C:\Program Files\Common Files\MAGIX Services\Update Notifier\QMxNetworkSync.exe [858360 2019-08-13] (MAGIX Software GmbH -> MAGIX)
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Run: [OVPN] => C:\Program Files (x86)\OVPN\OVPN.exe [3722456 2021-06-19] (OVPN Integritet AB -> OVPN Integritet AB)
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Run: [Kite] => C:\Program Files\Kite\kited.exe [562179520 2021-06-10] (Manhattan Engineering Incorporated -> Kite)
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Run: [Spotify] => C:\Users\jessi\AppData\Roaming\Spotify\Spotify.exe [24276096 2021-07-25] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Run: [HueSync] => C:\Program Files\Hue Sync\HueSync.exe [20861352 2021-04-14] (Signify Netherlands B.V. -> Signify Netherlands B.V.)
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [91016584 2021-01-15] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\MountPoints2: {08853ced-003a-11eb-a4f5-309c2342e417} - "F:\HiSuiteDownLoader.exe" 
HKLM\...\Print\Monitors\Nitro PDF Port 13 Monitor: C:\Windows\system32\NxPrinterMonitor13.dll [361736 2020-09-03] (Nitro Software, Inc. -> Nitro Software, Inc.)
HKLM\...\Print\Monitors\Nitro PDF Port Monitor: C:\Windows\system32\nitrolocalmon2.dll [29704 2013-01-14] (Nitro PDF Software -> Nitro PDF Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\92.0.4515.131\Installer\chrmstp.exe [2021-08-05] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Image Transfer Utility.lnk [2020-05-23]
ShortcutTarget: Image Transfer Utility.lnk -> C:\Program Files (x86)\Canon\ImageTransferUtility\ImageTransferUtility.exe (Canon Inc. -> CANON INC.)
Startup: C:\Users\jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skicka till OneNote.lnk [2021-07-26]
ShortcutTarget: Skicka till OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07827DC0-CBE0-4050-9D45-22C60AB801C8} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {1273E274-B6F4-4703-A9EA-8620EE4FF2CF} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [905072 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {155A4E5C-C967-4475-9C9E-3A9EE7FD487A} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [681400 2021-07-23] (Mozilla Corporation -> Mozilla Foundation)
Task: {1593C2BB-0F1D-4FAD-A7F3-65F22E358900} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {22550295-89FB-47AC-BD30-76A197C97593} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [3977064 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {38CB1B00-5900-4F4C-A370-06A2F12BC796} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\jessi\Downloads\esetonlinescanner.exe
Task: {5639B7AD-EBF6-496B-88E6-32584CB88511} - System32\Tasks\HPCustParticipation HP LaserJet MFP M129-M134 => C:\Program Files\HP\HP LaserJet MFP M129-M134\Bin\HPCustPartic.exe [6660744 2018-08-22] (Hewlett Packard -> HP Inc.)
Task: {5EA0CDE7-5C9A-4BFF-A213-38C6E89EF52B} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3339120 2021-06-15] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5F89AF20-ABC6-4C16-88C8-49BF0615BCA7} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvBackend\NvBatteryBoostCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerBatteryBoostCheck.log
Task: {75A40BDB-2490-4EE5-878A-DFF01199BF7D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139088 2021-07-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {7730C796-571B-4380-BE37-F5B2BC0EAA96} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\jessi\Downloads\esetonlinescanner.exe
Task: {8AC83FF2-CCF0-490B-AF09-3E126161D51A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-11] (Google LLC -> Google LLC)
Task: {8F2D4FAF-F756-49C7-8EC1-D101CBD3B946} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9430CD18-E8F3-45C6-9911-9A50D903C57C} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {9EC1BB21-CE16-4D30-8970-F547777CFB80} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [903024 2021-05-04] (NVIDIA Corporation -> NVIDIA Corporation) -> -d "C:\Program Files\NVIDIA Corporation\NvDriverUpdateCheck" -l 3 -f C:\ProgramData\NVIDIA\NvContainerDriverUpdateCheck.log
Task: {AA7522E7-EA89-4DDB-856E-1FD651379E8C} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [645488 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {CD73AB9A-B3A5-432C-ADDA-00FFFDC55571} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253368 2021-07-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {D70CD50D-85D7-4551-8708-88212419EE9E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23253368 2021-07-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6C2A0F0-84B6-4035-9EC8-140FF1495B0F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156104 2020-04-11] (Google LLC -> Google LLC)
Task: {EAB044EA-DA9F-4DAF-BD06-7F615F4AD0CC} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1261424 2021-06-09] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {EC1E9F0E-DA75-4CD5-BE16-C485C3E0098A} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [139088 2021-07-23] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{88d2ef9b-c4f9-49c7-8afc-3c3e72069737}: [DhcpNameServer] 192.168.1.1

Edge: 
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge Profile: C:\Users\jessi\AppData\Local\Microsoft\Edge\User Data\Default [2021-08-01]
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\jessi\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-07-10]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: f7mwdw22.default
FF ProfilePath: C:\Users\jessi\AppData\Roaming\Mozilla\Firefox\Profiles\f7mwdw22.default [2020-04-11]
FF ProfilePath: C:\Users\jessi\AppData\Roaming\Mozilla\Firefox\Profiles\opcdoeoq.default-release [2021-08-07]
FF Extension: (OVPN.com) - C:\Users\jessi\AppData\Roaming\Mozilla\Firefox\Profiles\opcdoeoq.default-release\Extensions\browserextension@ovpn.com.xpi [2020-04-14]
FF Extension: (uBlock Origin) - C:\Users\jessi\AppData\Roaming\Mozilla\Firefox\Profiles\opcdoeoq.default-release\Extensions\uBlock0@raymondhill.net.xpi [2021-08-02]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\jessi\AppData\Roaming\Mozilla\Firefox\Profiles\opcdoeoq.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-08-01]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.cpdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2013-01-14] (Nitro PDF Software -> Nitro PDF)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-01-17] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-01-17] <==== ATTENTION

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default [2021-08-08]
CHR Notifications: Default -> hxxps://192.168.1.78; hxxps://am1.badoo.com; hxxps://business.facebook.com; hxxps://calendar.google.com; hxxps://outlook.live.com; hxxps://pdftoword-converter.online; hxxps://www.facebook.com; hxxps://www.myminifactory.com; hxxps://www.tradera.com; hxxps://www.youtube.com
CHR HomePage: Default -> hxxp://192.168.1.2/
CHR StartupUrls: Default -> "hxxp://www.google.se/"
CHR Extension: (Presentationer) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2020-04-11]
CHR Extension: (lock) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeblfdkhhhdcdjpifhhbdiojplfjncoa [2021-07-19]
CHR Extension: (Dokument) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2020-04-11]
CHR Extension: (Google Drive) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-07]
CHR Extension: (YouTube) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2020-04-11]
CHR Extension: (uBlock Origin) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-08-01]
CHR Extension: (uBlock) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2020-04-26]
CHR Extension: (Kalkylark) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2020-04-11]
CHR Extension: (Google Dokument Offline) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-06-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-08-01]
CHR Extension: (Betalning via Chrome Web Store) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (ColorPick Eyedropper) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2021-01-11]
CHR Extension: (OVPN.com) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgogbeeleccaogghlpmoilbegdhacfnn [2021-06-24]
CHR Extension: (Gmail) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-07]
CHR Extension: (Chrome Media Router) - C:\Users\jessi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-07-25]
CHR Profile: C:\Users\jessi\AppData\Local\Google\Chrome\User Data\System Profile [2021-07-25]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [873560 2020-01-14] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9141648 2021-07-15] (Microsoft Corporation -> Microsoft Corporation)
R2 CorsairLLAService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CueLLAccessService.exe [403496 2020-03-13] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
R2 CorsairService; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Corsair.Service.exe [55848 2020-03-13] (Corsair Memory, Inc. -> Corsair Memory, Inc.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncHelper.exe [3245928 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
R2 FoxitReaderUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitReaderUpdateService.exe [2357936 2020-11-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.)
R2 HPPrintScanDoctorService; C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe [299680 2021-07-23] (HP Inc. -> HP Inc.)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192320 2020-06-29] (Huawei Technologies Co., Ltd. -> )
R2 KiteService; C:\Program Files\Kite\KiteService.exe [140864 2021-06-10] (Manhattan Engineering Incorporated -> Kite)
R2 LogiFacecamService; C:\Program Files\Logitech\LogiCapture\bin\Service\LogiFacecamService.exe [446600 2020-01-08] (Logitech Inc -> Logitech)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7477704 2021-07-16] (Malwarebytes Inc -> Malwarebytes)
R2 nebula; C:\Program Files\Logitech\Collaboration\Services\Video\ServiceLayer.exe [4486896 2018-06-26] (Logitech Inc -> Logitech)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-01-14] (Nitro PDF Software -> Nitro PDF Software)
R2 nlsX86cc; C:\Windows\SysWOW64\NLSSRV32.EXE [70152 2013-01-14] (Nitro PDF Software -> Nalpeiron Ltd.)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\21.150.0725.0001\OneDriveUpdaterService.exe [3709288 2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
R2 OVPNService; C:\Program Files (x86)\OVPN\ovpn-daemon.exe [1345256 2021-06-19] (OVPN Integritet AB -> )
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5395384 2021-07-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [13238568 2021-07-15] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [253912 2019-10-30] (Synology Inc. -> )
S3 VBoxSDS; C:\Program Files\Oracle\VirtualBox\VBoxSDS.exe [746688 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\NisSrv.exe [2665432 2021-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2106.6-0\MsMpEng.exe [136640 2021-07-13] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 Wondershare InstallAssist; C:\ProgramData\Wondershare\Service\InstallAssistService.exe [269200 2020-04-02] (Wondershare Technology Co.,Ltd -> Wondershare)
S2 ElevationService; C:\Program Files (x86)\Wondershare\dr.fone\Addins\SocialApps\ElevationService.exe [X]
R2 NVDisplay.ContainerLocalSystem; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem
S2 WsDrvInst; C:\Program Files (x86)\Wondershare\dr.fone\Addins\Unlock\DriverInstall.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 busenum; C:\WINDOWS\System32\drivers\busenum.sys [57824 2012-08-03] (Synology Inc. -> Windows (R) Win 7 DDK provider)
R2 CorsairLLAccess3B84E98236B28D4E075D5737DF9F567A1FB76E8A; C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\CorsairLLAccess64.sys [21752 2020-02-19] (Microsoft Windows Hardware Compatibility Publisher -> Corsair Memory, Inc.)
R3 CorsairVBusDriver; C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [45984 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 CorsairVHidDriver; C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [21920 2020-07-06] (Microsoft Windows Hardware Compatibility Publisher -> Corsair)
R3 cpuz149; C:\WINDOWS\temp\cpuz149\cpuz149_x64.sys [44320 2021-08-01] (CPUID S.A.R.L.U. -> CPUID)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [199128 2021-04-12] (Malwarebytes Inc -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [55232 2021-01-10] (SurfRight B.V. -> )
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2020-06-29] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220752 2021-08-07] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198888 2021-08-07] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [69016 2021-08-07] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-07-09] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [156880 2021-08-07] (Malwarebytes Inc -> Malwarebytes)
S3 nlwt; C:\WINDOWS\system32\DRIVERS\nlwt.sys [39360 2021-02-26] (TEFINCOM S.A. -> WireGuard LLC)
R3 tap0901; C:\WINDOWS\System32\drivers\tap0901.sys [39920 2020-08-31] (Microsoft Windows Hardware Compatibility Publisher -> The OpenVPN Project)
S3 tapnordvpn; C:\WINDOWS\System32\drivers\tapnordvpn.sys [44896 2020-06-09] (TEFINCOM S.A. -> The OpenVPN Project)
R3 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [239616 2021-04-28] (Oracle Corporation -> Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [249536 2021-04-28] (Oracle Corporation -> Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49560 2021-07-13] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [425192 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [76008 2021-07-13] (Microsoft Windows -> Microsoft Corporation)
R3 wintun; C:\WINDOWS\System32\drivers\wintun.sys [38176 2021-06-19] (WireGuard LLC -> WireGuard LLC)
S3 klids; \??\C:\ProgramData\Kaspersky Lab\AVP21.2\Bases\klids.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-08 09:26 - 2021-08-08 09:27 - 000031742 _____ C:\Users\jessi\Downloads\FRST.txt
2021-08-08 09:25 - 2021-08-08 09:25 - 002300416 _____ (Farbar) C:\Users\jessi\Downloads\FRST64.exe
2021-08-08 09:20 - 2021-08-08 09:20 - 000000793 _____ C:\Users\jessi\Downloads\Mbam logg.txt
2021-08-07 13:59 - 2021-08-07 13:59 - 000220752 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-08-07 13:59 - 2021-08-07 13:59 - 000198888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-08-07 13:59 - 2021-08-07 13:59 - 000156880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-08-07 13:59 - 2021-08-07 13:59 - 000069016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-08-04 11:50 - 2021-08-04 11:50 - 000050350 _____ C:\Users\jessi\Downloads\invoice_vy-bus4you_2021-07-25_87fe (1).pdf
2021-08-04 11:23 - 2021-08-04 11:23 - 000051096 _____ C:\Users\jessi\Downloads\invoice_vy-bus4you_2021-07-18_eb8a (2).pdf
2021-08-03 22:15 - 2021-08-03 22:15 - 001553939 _____ C:\Users\jessi\Downloads\Nedre HR B 978-21 Dom.pdf
2021-08-03 12:07 - 2021-08-03 12:07 - 000050348 _____ C:\Users\jessi\Downloads\invoice_vy-bus4you_2021-07-25_87fe.pdf
2021-08-03 12:06 - 2021-08-03 12:06 - 000051097 _____ C:\Users\jessi\Downloads\invoice_vy-bus4you_2021-07-18_eb8a (1).pdf
2021-07-26 09:50 - 2021-07-26 09:50 - 000806240 _____ C:\Users\jessi\Downloads\S2940_21-01-01.pdf
2021-07-23 16:29 - 2021-07-23 16:29 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-07-23 15:26 - 2021-07-25 01:26 - 000000349 _____ C:\am_pe_log.txt
2021-07-23 01:18 - 2021-07-23 01:18 - 000000000 ____D C:\Users\jessi\Downloads\rufus_files
2021-07-22 21:58 - 2021-07-22 21:58 - 000000000 ___HD C:\$Windows.~WS
2021-07-22 18:52 - 2021-07-22 18:52 - 000000000 ____D C:\$WINDOWS.~BT
2021-07-22 13:56 - 2021-07-22 13:56 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2021-07-22 13:52 - 2021-07-13 19:07 - 001858664 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2021-07-22 13:52 - 2021-07-13 19:07 - 001858664 _____ C:\WINDOWS\system32\vulkaninfo.exe
2021-07-22 13:52 - 2021-07-13 19:07 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2021-07-22 13:52 - 2021-07-13 19:07 - 001438824 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2021-07-22 13:52 - 2021-07-13 19:07 - 001097856 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2021-07-22 13:52 - 2021-07-13 19:07 - 001097856 _____ C:\WINDOWS\system32\vulkan-1.dll
2021-07-22 13:52 - 2021-07-13 19:07 - 000951936 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2021-07-22 13:52 - 2021-07-13 19:07 - 000951936 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2021-07-22 13:52 - 2021-07-13 19:06 - 001212560 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2021-07-22 13:52 - 2021-07-13 19:02 - 001520776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2021-07-22 13:52 - 2021-07-13 19:02 - 000716912 _____ C:\WINDOWS\system32\nvofapi64.dll
2021-07-22 13:52 - 2021-07-13 19:02 - 000676480 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2021-07-22 13:52 - 2021-07-13 19:02 - 000645232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvml.dll
2021-07-22 13:52 - 2021-07-13 19:02 - 000577152 _____ C:\WINDOWS\SysWOW64\nvofapi.dll
2021-07-22 13:52 - 2021-07-13 19:02 - 000564352 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2021-07-22 13:52 - 2021-07-13 19:01 - 002112128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2021-07-22 13:52 - 2021-07-13 19:01 - 001595520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2021-07-22 13:52 - 2021-07-13 19:01 - 001171072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2021-07-22 13:52 - 2021-07-13 19:01 - 000919168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2021-07-22 13:52 - 2021-07-13 19:01 - 000750208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2021-07-22 13:52 - 2021-07-13 19:01 - 000706176 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvidia-smi.exe
2021-07-22 13:52 - 2021-07-13 19:00 - 008854144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2021-07-22 13:52 - 2021-07-13 19:00 - 007920768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2021-07-22 13:52 - 2021-07-13 19:00 - 005680760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2021-07-22 13:52 - 2021-07-13 19:00 - 004987520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2021-07-22 13:52 - 2021-07-13 19:00 - 002925696 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2021-07-22 13:52 - 2021-07-13 19:00 - 000447104 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdebugdump.exe
2021-07-22 13:52 - 2021-07-13 18:59 - 000849008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\MCU.exe
2021-07-22 13:52 - 2021-07-13 18:57 - 006215792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2021-07-22 13:52 - 2021-07-12 13:32 - 000083062 _____ C:\WINDOWS\system32\nvinfo.pb
2021-07-21 10:47 - 2021-07-21 10:49 - 000196276 _____ C:\Users\jessi\Downloads\FAKTURA_BAHNHOF_J471307_2.pdf
2021-07-21 10:44 - 2021-07-21 10:44 - 000160315 _____ C:\Users\jessi\Downloads\fakturor klarna juli.pdf
2021-07-21 10:43 - 2021-07-21 10:43 - 000051067 _____ C:\Users\jessi\Downloads\invoice_shein_2021-07-07_a914.pdf
2021-07-21 10:43 - 2021-07-21 10:43 - 000050200 _____ C:\Users\jessi\Downloads\invoice_vy-bus4you_2021-07-18_eb8a.pdf
2021-07-21 10:40 - 2021-07-21 10:40 - 000062911 _____ C:\Users\jessi\Downloads\2150355.pdf
2021-07-21 05:33 - 2021-07-21 05:33 - 001347832 _____ C:\Users\jessi\Downloads\Support Plus App v1.0.2.zip
2021-07-21 05:33 - 2021-07-21 05:33 - 000579465 _____ C:\Users\jessi\Downloads\Support Plus General Store Managment.rar
2021-07-20 16:46 - 2021-07-20 16:56 - 000001024 ____H C:\OKTAG.BIN
2021-07-20 16:46 - 2021-07-20 16:56 - 000001024 ____H C:\AMTAG.BIN
2021-07-20 16:46 - 2021-07-20 16:46 - 020351592 _____ (AOMEI International Network Limited. ) C:\Users\jessi\Downloads\OneKeyDemo.exe
2021-07-20 16:46 - 2021-07-20 16:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AOMEI OneKey Recovery 1.6.4
2021-07-20 16:46 - 2021-07-20 16:46 - 000000000 ____D C:\Program Files (x86)\AOMEI OneKey Recovery 1.6.4
2021-07-19 04:15 - 2021-07-22 22:27 - 000000000 ____D C:\WINDOWS\Panther
2021-07-19 01:55 - 2021-07-19 01:55 - 010883680 _____ C:\Users\jessi\Downloads\evas3.zip
2021-07-19 01:55 - 2021-07-19 01:55 - 000000000 ____D C:\Users\jessi\Downloads\evas3
2021-07-18 15:28 - 2021-07-18 15:28 - 000000000 ____D C:\Users\jessi\AppData\Roaming\GConvert
2021-07-17 11:40 - 2021-07-22 18:25 - 000000000 __SHD C:\Users\Public\DRM
2021-07-17 11:40 - 2021-07-17 11:40 - 000000000 ____D C:\Users\jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HHD Hex Editor Neo
2021-07-17 11:40 - 2021-07-17 11:40 - 000000000 ____D C:\Users\jessi\AppData\Local\HHD Software
2021-07-17 11:39 - 2021-07-17 11:39 - 015324936 _____ (HHD Software Ltd.) C:\Users\jessi\Downloads\free-hex-editor-neo.exe
2021-07-17 11:33 - 2021-07-17 11:40 - 000000000 ____D C:\Users\jessi\Downloads\tillägg
2021-07-16 12:44 - 2021-07-16 12:44 - 001823280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-07-16 12:44 - 2021-07-16 12:44 - 001328376 _____ C:\WINDOWS\system32\FaceTrackerInternal.dll
2021-07-16 12:44 - 2021-07-16 12:44 - 001324032 _____ C:\WINDOWS\system32\FaceProcessor.dll
2021-07-16 12:44 - 2021-07-16 12:44 - 000512864 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2021-07-16 12:44 - 2021-07-16 12:44 - 000011357 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-07-16 12:44 - 2021-07-16 12:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsraLegacy.tlb
2021-07-16 12:44 - 2021-07-16 12:44 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsraLegacy.tlb
2021-07-16 12:44 - 2021-07-16 12:44 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rendezvousSession.tlb
2021-07-16 12:44 - 2021-07-16 12:44 - 000006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rendezvousSession.tlb
2021-07-15 18:31 - 2021-07-21 12:42 - 000000000 ____D C:\Users\jessi\AppData\Local\KutoolsforExcel
2021-07-15 18:31 - 2021-07-16 09:10 - 000000000 ____D C:\Users\jessi\OneDrive\Dokument\Kutools for Excel
2021-07-15 18:31 - 2021-07-15 18:31 - 000000000 ____D C:\Users\jessi\AppData\Roaming\Kutools for Excel
2021-07-15 18:29 - 2021-07-15 18:29 - 086320128 _____ C:\Users\jessi\Downloads\KutoolsforExcelSetup.msi
2021-07-15 18:29 - 2021-07-15 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kutools for Excel
2021-07-15 18:29 - 2021-07-15 18:29 - 000000000 ____D C:\Program Files (x86)\Kutools for Excel
2021-07-15 18:14 - 2021-07-25 01:20 - 000000000 ____D C:\Users\jessi\OneDrive\Dokument\ProfessorExcelTools
2021-07-15 18:14 - 2021-07-15 18:14 - 001507152 _____ (Henrik Schiffner) C:\Users\jessi\Downloads\Professor-Excel-Tools.exe
2021-07-15 18:14 - 2013-09-27 12:39 - 000000932 _____ C:\WINDOWS\VIXUNIN.EXE.manifest
2021-07-15 17:18 - 2021-07-15 17:18 - 000000000 ____D C:\Users\jessi\AppData\Local\imyfoneSet
2021-07-15 17:17 - 2021-07-15 17:17 - 000001318 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passper for Excel.lnk
2021-07-15 17:17 - 2021-07-15 17:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Passper
2021-07-15 17:17 - 2021-07-15 17:17 - 000000000 ____D C:\Program Files (x86)\Passper
2021-07-15 17:17 - 2021-07-15 17:17 - 000000000 ____D C:\Program Files (x86)\imyfone_down
2021-07-14 20:24 - 2021-07-14 20:24 - 000181524 _____ C:\Users\jessi\Downloads\Läkemedelsfakta.pdf
2021-07-14 00:50 - 2021-07-14 00:50 - 000000000 ____D C:\Users\jessi\AppData\Local\gtk-2.0
2021-07-14 00:45 - 2021-07-14 00:56 - 000000000 ____D C:\Users\jessi\AppData\Local\babl-0.1
2021-07-14 00:45 - 2021-07-14 00:45 - 000000000 ____D C:\Users\jessi\AppData\Roaming\GIMP
2021-07-14 00:45 - 2021-07-14 00:45 - 000000000 ____D C:\Users\jessi\AppData\Local\GIMP
2021-07-14 00:45 - 2021-07-14 00:45 - 000000000 ____D C:\Users\jessi\AppData\Local\gegl-0.4
2021-07-14 00:44 - 2021-07-14 00:44 - 000001303 _____ C:\Users\jessi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.24.lnk
2021-07-14 00:42 - 2021-07-14 00:42 - 000178187 _____ C:\Users\jessi\Downloads\9190461.pdf
2021-07-14 00:40 - 2021-07-14 00:40 - 253914240 _____ (The GIMP Team ) C:\Users\jessi\Downloads\gimp-2.10.24-setup-3.exe
2021-07-13 22:57 - 2021-07-13 22:57 - 001173560 _____ (Akeo Consulting) C:\Users\jessi\Downloads\rufus-3.14.exe
2021-07-13 22:51 - 2021-07-13 22:53 - 3099203584 _____ C:\Users\jessi\Downloads\HBCD_PE_x64.iso

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-08-08 09:27 - 2021-03-30 07:25 - 000000000 ____D C:\FRST
2021-08-08 09:25 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-08-08 09:16 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2021-08-08 09:13 - 2020-06-12 21:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-08-08 08:53 - 2020-04-11 01:33 - 000000000 ____D C:\Program Files (x86)\Google
2021-08-08 08:46 - 2020-04-11 01:46 - 000000000 ____D C:\Users\jessi\AppData\Roaming\Spotify
2021-08-07 14:15 - 2020-04-11 00:59 - 000000000 ___RD C:\Users\jessi\OneDrive
2021-08-07 14:14 - 2021-04-08 16:25 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2021-08-07 14:14 - 2020-06-12 21:20 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2021-08-07 14:14 - 2020-04-13 11:28 - 000002132 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-08-07 13:59 - 2021-02-17 11:27 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-08-07 12:53 - 2021-04-15 03:09 - 000002440 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-08-07 12:53 - 2020-04-11 02:30 - 000000000 ____D C:\ProgramData\NVIDIA
2021-08-07 12:53 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-08-07 12:53 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-08-07 01:09 - 2020-04-11 04:01 - 000000000 ____D C:\Users\jessi\AppData\LocalLow\Mozilla
2021-08-07 00:41 - 2020-04-11 01:31 - 000000000 ____D C:\ProgramData\Mozilla
2021-08-06 22:53 - 2020-04-11 01:46 - 000000000 ____D C:\Users\jessi\AppData\Local\Spotify
2021-08-06 22:17 - 2020-04-11 01:40 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-08-05 08:24 - 2020-04-11 01:33 - 000002297 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-08-04 15:33 - 2021-02-21 12:45 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-08-03 11:42 - 2020-06-12 21:20 - 000003516 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-08-03 11:42 - 2020-06-12 21:20 - 000003392 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-08-02 11:16 - 2021-01-30 17:21 - 000003622 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-02 11:16 - 2021-01-30 17:21 - 000003498 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-08-01 14:22 - 2020-08-17 21:26 - 000000000 ____D C:\Users\jessi\OneDrive\Dokument\Movie Studio 14.0 Platinum Projects
2021-08-01 00:40 - 2020-12-19 19:48 - 000000000 ____D C:\Users\jessi\AppData\Roaming\HueSync
2021-08-01 00:39 - 2020-06-12 21:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-08-01 00:39 - 2020-04-11 05:30 - 000000208 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2021-08-01 00:39 - 2020-04-11 02:16 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2021-08-01 00:39 - 2020-04-11 02:13 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2021-08-01 00:39 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-08-01 00:39 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-08-01 00:38 - 2020-04-11 01:44 - 000000000 ____D C:\Users\jessi\AppData\Roaming\Discord
2021-08-01 00:00 - 2020-04-11 01:43 - 000000000 ____D C:\Users\jessi\AppData\Local\Discord
2021-07-25 19:00 - 2020-04-11 01:12 - 000000000 ____D C:\Program Files (x86)\Battle.net
2021-07-25 18:59 - 2020-04-11 01:24 - 000000000 ____D C:\Users\jessi\AppData\Local\Battle.net
2021-07-25 14:53 - 2021-05-11 11:07 - 000000000 ____D C:\Program Files\HPPrintScanDoctor
2021-07-25 01:31 - 2021-03-27 02:10 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-07-25 01:31 - 2020-04-11 01:31 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-07-25 01:31 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-07-25 01:24 - 2020-04-11 04:44 - 000001024 ____H C:\SYSTAG.BIN
2021-07-25 01:20 - 2020-04-24 22:21 - 000000000 ____D C:\Users\jessi\AppData\Local\CrashDumps
2021-07-24 10:10 - 2021-02-23 22:17 - 000000000 ____D C:\Users\jessi\.VirtualBox
2021-07-24 10:07 - 2021-02-23 22:17 - 000000000 ____D C:\ProgramData\VirtualBox
2021-07-24 09:29 - 2020-04-11 00:57 - 000000000 ____D C:\Users\jessi\AppData\Local\Packages
2021-07-23 19:22 - 2020-04-11 02:11 - 000000000 ____D C:\Program Files\Microsoft Office
2021-07-23 16:29 - 2020-04-11 01:31 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-07-23 16:00 - 2020-05-24 18:44 - 000000396 __RSH C:\ProgramData\ntuser.pol
2021-07-23 15:23 - 2020-04-11 02:12 - 000000000 ____D C:\ProgramData\AomeiBR
2021-07-22 23:47 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-07-22 22:27 - 2020-07-20 20:16 - 000000000 ____D C:\ESD
2021-07-22 13:59 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2021-07-22 13:55 - 2020-04-11 01:13 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2021-07-19 19:24 - 2020-04-17 21:39 - 000000000 ____D C:\Users\jessi\AppData\Roaming\vlc
2021-07-19 04:22 - 2020-06-12 21:20 - 001691502 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-07-19 04:22 - 2019-12-07 16:43 - 000713776 _____ C:\WINDOWS\system32\perfh01D.dat
2021-07-19 04:22 - 2019-12-07 16:43 - 000145748 _____ C:\WINDOWS\system32\perfc01D.dat
2021-07-19 04:15 - 2020-06-12 21:15 - 000740496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-07-19 04:14 - 2020-06-12 20:34 - 000000000 ____D C:\Users\jessi
2021-07-19 04:14 - 2019-12-07 16:46 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-07-19 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-07-19 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-07-19 04:14 - 2019-12-07 11:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-07-19 03:57 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-07-19 02:11 - 2020-12-07 05:07 - 000000000 ____D C:\Users\jessi\AppData\Roaming\Code
2021-07-18 18:29 - 2020-08-17 21:14 - 000000000 ____D C:\WINDOWS\system32\appmgmt
2021-07-17 11:50 - 2020-04-11 01:23 - 000000000 ____D C:\Users\jessi\AppData\Local\D3DSCache
2021-07-16 12:46 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-07-16 12:38 - 2020-04-11 01:41 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-07-16 12:35 - 2020-04-11 01:41 - 133422552 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-07-16 09:45 - 2021-02-21 12:45 - 000740152 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-07-16 09:45 - 2021-02-21 12:45 - 000486712 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-07-15 20:39 - 2020-04-11 00:54 - 000000000 ____D C:\ProgramData\Package Cache
2021-07-15 20:38 - 2020-04-11 02:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith
2021-07-14 00:51 - 2020-04-11 01:00 - 000000000 ____D C:\Users\jessi\OneDrive\Dokument\Anpassade Office-mallar
2021-07-14 00:51 - 2020-04-11 00:59 - 000000000 ____D C:\Users\jessi\OneDrive\Dokument\Diablo III
2021-07-14 00:43 - 2020-05-02 23:32 - 000000000 ____D C:\Users\jessi\OneDrive\Dokument\My Digital Editions
2021-07-13 19:06 - 2021-01-10 03:26 - 001474704 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2021-07-13 18:57 - 2020-05-27 17:58 - 007280312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2021-07-13 12:05 - 2020-04-11 00:49 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-07-09 12:06 - 2021-02-17 11:27 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-07-09 12:06 - 2020-06-12 21:15 - 000008192 ___SH C:\DumpStack.log.tmp

==================== Files in the root of some directories ========

2020-04-11 01:42 - 2021-01-22 15:54 - 000000024 _____ () C:\Program Files\plugins.dat
2020-12-22 06:37 - 2020-12-22 06:37 - 000003134 _____ () C:\Program Files (x86)\InstallationLog.txt
2021-01-25 06:35 - 2021-04-05 20:43 - 000000016 _____ () C:\Users\jessi\AppData\Roaming\obs-virtualcam.txt
2020-12-12 01:08 - 2020-12-12 15:35 - 000000128 _____ () C:\Users\jessi\AppData\Local\PUTTY.RND
2021-07-14 00:51 - 2021-07-14 00:51 - 000000931 _____ () C:\Users\jessi\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


cybertears

The Addition log:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2021
Ran by jessi (08-08-2021 09:28:01)
Running from C:\Users\jessi\Downloads
Windows 10 Pro Version 21H1 19043.1110 (X64) (2020-06-12 19:21:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administratör (S-1-5-21-2862380-3465493475-3068185414-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2862380-3465493475-3068185414-503 - Limited - Disabled)
Gäst (S-1-5-21-2862380-3465493475-3068185414-501 - Limited - Disabled)
jessi (S-1-5-21-2862380-3465493475-3068185414-1001 - Administrator - Enabled) => C:\Users\jessi
WDAGUtilityAccount (S-1-5-21-2862380-3465493475-3068185414-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 4.12 (HKLM-x32\...\{A490FDCE-03DF-4B63-92D9-9C9ADC4246C3}) (Version: 4.12.0.3570 - Open Media LLC)
4K Video to MP3 2.6 (HKLM-x32\...\{991B826F-58B1-4BA8-A226-23A4A525F93A}) (Version: 2.6.1.913 - Open Media LLC)
4K YouTube to MP3 3.11 (HKLM-x32\...\{2A3A7910-38FD-42A1-BA07-2ACF740DF6AB}) (Version: 3.11.1.3500 - Open Media LLC)
7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Digital Editions 4.5 (HKLM-x32\...\Adobe Digital Editions 4.5) (Version: 4.5.11 - Adobe Systems Incorporated)
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 19.10.28 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{4fedae1b-6980-4848-9ba0-229c946a3dac}) (Version: 2.10.13.408 - Advanced Micro Devices, Inc.) Hidden
AOMEI Backupper Professional (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF5536CE9D}_is1) (Version:  - AOMEI Technology Co., Ltd.)
AOMEI OneKey Recovery 1.6.4 (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF553690FD}_is1) (Version:  - AOMEI International Network Limited.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Boris FX Continuum Plug-ins 11 for OpenFX and Compatible Products (HKLM\...\{CD3E4D20-4EAA-461F-9025-FAD60661D06D}_is1) (Version:  - Boris FX, Inc.)
Camtasia 2020 (HKLM\...\{ED4BA134-0E22-4891-B0A6-43BDAA6E7F44}) (Version: 20.0.10.25773 - TechSmith Corporation) Hidden
Camtasia 2020 (HKLM-x32\...\{9fa1edda-efbb-4cd1-925a-c5ecd732867e}) (Version: 20.0.10.25773 - TechSmith Corporation)
Canon Utilities CameraWindow DC 8 (HKLM-x32\...\CameraWindowDC) (Version: 8.10.7.32 - Canon Inc.)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.12.20.3 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.12.10.0 - Canon Inc.)
Canon Utilities Map Utility (HKLM-x32\...\Map Utility Parent) (Version: 1.8.2.3 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.16.30.0 - Canon Inc.)
CHM To Exe (HKLM-x32\...\CHMToExeSetup541) (Version: 2.0.0.0 - G.D.G. Software)
CORSAIR iCUE Software (HKLM-x32\...\{1FF2D1F1-48E8-4819-9E68-C7C14143494A}) (Version: 3.27.68 - Corsair)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Discord (HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Discord) (Version: 0.0.309 - Discord Inc.)
DVD Architect (HKLM-x32\...\{1D8D144F-3558-11E9-A3D6-00155D6302F2}) (Version: 7.0.100 - VEGAS)
FileZilla Client 3.52.2 (HKLM-x32\...\FileZilla Client) (Version: 3.52.2 - Tim Kosse)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 10.1.1.37576 - Foxit Software Inc.)
GIMP 2.10.24 (HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\GIMP-2_is1) (Version: 2.10.24 - The GIMP Team)
Google Chrome (HKLM\...\{E57F8E37-C7DB-3CF8-82E4-98423E05EF63}) (Version: 92.0.4515.131 - Google LLC)
Grundläggande enhetsprogramvara för HP LaserJet MFP M129-M134 (HKLM\...\{FA59C0E2-5A65-4BFF-B5BB-F42623A1D1AC}) (Version: 44.3.2667.18234 - HP Inc.)
HHD Software Free Hex Editor Neo 6.54 (HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\{8EB85C0E-DE7D-4A53-BD66-708B8F2C80B0}) (Version: 6.54.02.6790 - HHD Software, Ltd.)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 10.1.0.550 - Huawei Technologies Co., Ltd.)
HitFilm Boost Pack (HKLM\...\{86F0B672-27A4-436B-8EC3-FF5CC9778440}) (Version: 1.0.7730.55638 - FXHOME)
HP Dropbox Plugin (HKLM-x32\...\{A2B004AB-CA33-4327-B762-2491294783C6}) (Version: 36.0.102.68541 - HP)
HP EmailSMTP Plugin (HKLM-x32\...\{25C5D047-215A-40C9-B872-9AD4EA8344B3}) (Version: 43.0.0.0 - HP)
HP FTP Plugin (HKLM-x32\...\{D2CECE21-698A-47C0-9CFF-63D4E0419513}) (Version: 43.0.0.0 - HP)
HP Google Drive Plugin (HKLM-x32\...\{0E245453-1928-4F71-B2B4-9980804632B0}) (Version: 36.0.102.68541 - HP)
HP OneDrive Plugin (HKLM-x32\...\{37D832E7-E0E5-4D6D-91F7-4076451D8285}) (Version: 36.0.0.0 - HP)
HP SharePoint Plugin (HKLM-x32\...\{BEBD4706-0C84-44D7-AB78-5DD6EBB5B295}) (Version: 43.0.0.0 - HP)
HTML Executable (HKLM-x32\...\{443C1720-8939-40CA-9C28-8A63E851E863}) (Version: 4.9.5.0 - G.D.G. Software)
Hue Sync (HKLM\...\{C0270355-35E2-4862-8B57-A7C1A258AF77}) (Version: 1.6.1.12 - Signify Netherlands B.V.)
I.R.I.S OCR (HKLM-x32\...\{724EBDA3-17A2-4064-9CA3-766059BF9FB7}) (Version: 15.2.10.1114 - HP Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Kite (HKLM\...\Kite) (Version:  - Manhattan Engineering Inc)
Kutools for Excel (HKLM-x32\...\{A1766172-0909-4DAE-8B04-C9F24E1669EF}) (Version: 25.00 - ExtendOffice.com)
LM129 (HKLM-x32\...\{A2D25501-6F44-4CE2-9EFA-C9E5A0658FA9}) (Version: 0.00.0005 - HP)
Logitech Capture (HKLM\...\Capture) (Version: 2.00.226 - Logitech)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
MAGIX Goya burnR (MSI) (HKLM\...\{114BAB84-7CFC-46A2-8A29-9F621361E73A}) (Version: 4.3.1.6 - MAGIX Software GmbH) Hidden
MAGIX Goya burnR (MSI) (HKLM-x32\...\MX.{114BAB84-7CFC-46A2-8A29-9F621361E73A}) (Version: 4.3.1.6 - MAGIX Software GmbH)
MAGIX Music Maker (HKLM\...\{2AF5BD89-F45D-45E9-BE25-B8B7203CFC75}) (Version: 24.1.4.70 - MAGIX Software GmbH) Hidden
MAGIX Music Maker (HKLM-x32\...\MX.{2AF5BD89-F45D-45E9-BE25-B8B7203CFC75}) (Version: 24.1.4.70 - MAGIX Software GmbH)
MAGIX Music Maker Trial Soundpools (HKLM\...\{CC8ED94A-EA70-44A9-A703-061ACB463C9D}) (Version: 24.0.0.0 - MAGIX Software GmbH) Hidden
Malwarebytes version 4.4.4.126 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.4.126 - Malwarebytes)
Microsoft 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.14228.20186 - Microsoft Corporation)
Microsoft 365 - sv-se (HKLM\...\O365HomePremRetail - sv-se) (Version: 16.0.14228.20186 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 92.0.902.67 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 21.150.0725.0001 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{852D8FE5-BC66-4061-B1C4-CADF51E5B27D}) (Version: 2.82.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.27.29016 (HKLM-x32\...\{40d3fee2-b257-46c2-bdc0-cb1088d97327}) (Version: 14.27.29016.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual Studio Code (User) (HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.52.1 - Microsoft Corporation)
Movie Studio 14.0 Platinum (HKLM\...\{B1A08DCF-731B-11E7-8C1A-95BE57594EAC}) (Version: 14.0.148 - VEGAS)
Mozilla Firefox (x64 sv-SE) (HKLM\...\Mozilla Firefox 90.0.2 (x64 sv-SE)) (Version: 90.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NewBlue Vegas MSP Complete (HKLM-x32\...\NewBlue Vegas MSP Complete) (Version: 1.0 - NewBlue)
Nitro Pro 8 (HKLM\...\{AAE9AB32-071F-46AF-B0C3-F936E6345F4A}) (Version: 8.1.1.12 - Nitro)
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.9.5 - Notepad++ Team)
NVIDIA FrameView SDK 1.1.4923.29968894 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_FrameViewSdk) (Version: 1.1.4923.29968894 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.23.0.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.23.0.74 - NVIDIA Corporation)
NVIDIA Grafikdrivrutin 471.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 471.41 - NVIDIA Corporation)
NVIDIA HD audiodrivrutin 1.3.38.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.60 - NVIDIA Corporation)
NVIDIA PhysX systemprogramvara 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 26.1.1 - OBS Project)
OEM Application Profile (HKLM-x32\...\{84AD2AF7-10C8-0395-66F9-FFAEB4C5DBF1}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20186 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14228.20186 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-041D-1000-0000000FF1CE}) (Version: 16.0.14228.20070 - Microsoft Corporation) Hidden
OpenVPN Wintun (HKLM\...\{13C5992F-506F-44D8-B03C-F578A86D785A}) (Version: 1.0 - OpenVPN Inc) Hidden
Oracle VM VirtualBox 6.1.22 (HKLM\...\{573CC601-ED8D-450F-BE6F-A313DD77A4A0}) (Version: 6.1.22 - Oracle Corporation)
OVPN (HKLM-x32\...\{76500835-35da-4619-90a7-9e09ec8769be}) (Version: 1.11.0.3460 - OVPN)
paint.net (HKLM\...\{1A59F8A6-6AB4-4522-9340-F420B9155A31}) (Version: 4.2.16 - dotPDN LLC)
Passper for Excel 3.6.1.2 (HKLM-x32\...\{FD27E638-0609-44D4-B4E0-8F238FACC75C}_is1) (Version: 3.6.1.2 - Shenzhen iMyFone Technology Co., Ltd.)
Poedit (HKLM-x32\...\{68EB2C37-083A-4303-B5D8-41FA67E50B8F}_is1) (Version: 2.3.1 - Vaclav Slavik)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 201209 - Kakao Corp.)
Produktförbättringsstudie för HP LaserJet MFP M129-M134 (HKLM\...\{472A1CAD-769B-4B13-B0EB-A19EA8CE7B76}) (Version: 44.3.2667.18234 - HP Inc.)
Professor-Excel-Tools (HKLM-x32\...\Professor-Excel-Tools) (Version: 3.0 - Henrik Schiffner)
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 2.0.1.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.38.1118.2019 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8858.1 - Realtek Semiconductor Corp.)
RX 6 Elements (HKLM-x32\...\RX 6 Elements) (Version: 6.10 - iZotope, Inc.)
Skype version 8.68 (HKLM-x32\...\Skype_is1) (Version: 8.68 - Skype Technologies S.A.)
Snagit 2021 (HKLM\...\{5CE727CE-849F-4B60-A9A3-E8DDCA701F19}) (Version: 21.4.2 - TechSmith Corporation) Hidden
Snagit 2021 (HKLM-x32\...\{08e62935-189d-44c4-a0a8-031e6d197af2}) (Version: 21.4.2.10172 - TechSmith Corporation)
Spotify (HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\Spotify) (Version: 1.1.64.561.g71bd09eb - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Svive Proteus Software (HKLM-x32\...\{BC00D688-56EE-43DF-9765-166EB3C1E7FA}_is1) (Version: 1.0.3 - Svive)
Synology Assistant (remove only) (HKLM-x32\...\Synology Assistant) (Version: 6.2-24922 - Synology)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.20.3 - TeamViewer)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Update Notifier (HKLM\...\{67B5D9F1-3A83-4502-835C-17F758EF1CCF}) (Version: 3.0.0.50 - MAGIX Software GmbH) Hidden
Update Notifier (HKLM\...\MX.{67B5D9F1-3A83-4502-835C-17F758EF1CCF}) (Version: 3.0.0.50 - MAGIX Software GmbH)
Uppdateringsassistenten för Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.23072 - Microsoft Corporation)
VirusTotal Uploader 2.2 (HKLM-x32\...\VTUploader) (Version:  - )
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinDirStat 1.1.2 (HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\WinDirStat) (Version:  - )
Windows datorhälsokontroll (HKLM\...\{21BC2321-E3ED-498A-99E7-75B004DB6C83}) (Version: 2.1.2106.23002 - Microsoft Corporation)

Packages:
=========
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_129.1.234.0_x64__v10z8vjag6ke6 [2021-07-23] (HP Inc.)
Mediemotortillägg för Foton -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-04-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2020-04-11] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-05] (Microsoft Studios) [MS Ad]
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-07-22] (NVIDIA Corp.)
Photo Scan -> C:\Program Files\WindowsApps\5913DefineStudio.PhotoScan_3.7.7.0_x64__jj4r3mnwe2ey2 [2021-01-11] (Define Studio) [MS Ad]
Raw Image Extension -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_1.0.41311.0_x64__8wekyb3d8bbwe [2021-07-27] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj [2020-04-11] (Realtek Semiconductor Corp)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{182FB546-8596-4CEF-9CB5-E9505BF7F628}\InprocServer32 -> C:\Users\jessi\AppData\Local\HHD Software\Free Hex Editor Neo\hhdhexneo.dll (HHD SOFTWARE LIMITED -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{6DB27B2E-87AC-4354-927A-AD711A0ED77E}\InprocServer32 -> C:\Users\jessi\AppData\Local\HHD Software\Free Hex Editor Neo\FileDocument.dll (HHD SOFTWARE LIMITED -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{930e604a-cc01-4d06-8d7a-5a07914f3afb}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2019\CamtasiaStudio.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{A244CEC5-DB63-4ED9-B0D7-A0527C064113}\InprocServer32 -> C:\Users\jessi\AppData\Local\HHD Software\Free Hex Editor Neo\FileDocument.dll (HHD SOFTWARE LIMITED -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{AE1514A4-5D7D-4D1B-BC7F-320E6962B0DD}\InprocServer32 -> C:\Users\jessi\AppData\Local\HHD Software\Free Hex Editor Neo\FileDocument.dll (HHD SOFTWARE LIMITED -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{B845012A-F05A-4EC8-816D-B033183B9CA5}\InprocServer32 -> C:\Users\jessi\AppData\Local\HHD Software\Free Hex Editor Neo\hhdhexneo.dll (HHD SOFTWARE LIMITED -> HHD Software Ltd.)
CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{ca31933b-b116-4444-9c6d-e5103390fb76}\localserver32 -> C:\Program Files\TechSmith\Camtasia 2020\CamtasiaStudio.exe (TechSmith Corporation -> TechSmith Corporation)
CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{CB965DF1-B8EA-49C7-BDAD-5457FDC1BF92}\InprocServer32 -> C:\Users\jessi\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20244.4\x64\Microsoft.Teams.AddinLoader.dll => No File
CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{e41a3aef-5c40-4832-922f-c8c0a8720acf}\localserver32 -> "C:\Program Files\TechSmith\Camtasia 2021\CamtasiaStudio.exe" -ToastActivated => No File
CustomCLSID: HKU\S-1-5-21-2862380-3465493475-3068185414-1001_Classes\CLSID\{F350F7C1-9F0E-4A97-8EEC-E690C7095BEF}\InprocServer32 -> C:\Users\jessi\AppData\Local\HHD Software\Free Hex Editor Neo\PatchAPI\dll\x64\hexpatch64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2021-01-01] (Notepad++ -> )
ContextMenuHandlers1: [NP8ShellExtension] -> {9C4B85B8-956C-49BF-9BA5-101384E562B2} => C:\Program Files\Common Files\Nitro\Pro\8.0\NPShellExtension64.dll [2013-01-14] (Nitro PDF Software -> Nitro PDF)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2021\DLLx64\SnagitShellExt64.dll [2021-06-15] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files\TechSmith\Snagit 2021\DLLx64\SnagitShellExt64.dll [2021-06-15] (TechSmith Corporation -> TechSmith Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\21.150.0725.0001\FileSyncShell64.dll [2021-08-07] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_5d5c294bb8d17217\nvshext.dll [2021-07-13] (Nvidia Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-02-17] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-07-28 09:34 - 2020-07-28 09:34 - 000087040 _____ () [File not signed] C:\Program Files\Hue Sync\aws-c-common.dll
2020-07-28 09:34 - 2020-07-28 09:34 - 000028160 _____ () [File not signed] C:\Program Files\Hue Sync\aws-c-event-stream.dll
2020-07-28 09:34 - 2020-07-28 09:34 - 000046080 _____ () [File not signed] C:\Program Files\Hue Sync\aws-checksums.dll
2020-07-28 09:34 - 2020-07-28 09:34 - 001590784 _____ () [File not signed] C:\Program Files\Hue Sync\aws-cpp-sdk-core.dll
2020-07-28 09:34 - 2020-07-28 09:34 - 006056448 _____ () [File not signed] C:\Program Files\Hue Sync\aws-cpp-sdk-s3.dll
2021-07-11 21:43 - 2021-07-11 21:43 - 004562944 _____ () [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNetc8826574#\bd608f6d48ffa7e882fbb4757b392342\PaintDotNet.SystemLayer.Native.x64.ni.dll
2021-07-11 21:43 - 2021-07-11 21:43 - 009284608 _____ (dotPDN LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet.Base\dfcc82d9a0d3001902666a267a0494f5\PaintDotNet.Base.ni.dll
2021-07-11 21:43 - 2021-07-11 21:43 - 010664960 _____ (dotPDN LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet.Core\6a360a1840e35aa17645b34b77227028\PaintDotNet.Core.ni.dll
2021-07-11 21:43 - 2021-07-11 21:43 - 000646656 _____ (dotPDN LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet.Data\d71a83c716d165a05b72e25e0ce2a411\PaintDotNet.Data.ni.dll
2021-07-11 21:43 - 2021-07-11 21:43 - 001382912 _____ (dotPDN LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet.Effects\6a4bd24a01239263129cc07630dd4d26\PaintDotNet.Effects.ni.dll
2021-07-11 21:43 - 2021-07-11 21:43 - 001117184 _____ (dotPDN LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet26779e70#\c8d65439d393a8dc1d2697c1d9ca5bff\PaintDotNet.Resources.ni.dll
2021-07-11 21:43 - 2021-07-11 21:43 - 002486272 _____ (dotPDN LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet500b2e4f#\b1a3bcc9a52a4e98d9075d18eb8b7ad3\PaintDotNet.SystemLayer.ni.dll
2021-07-11 21:43 - 2021-07-11 21:43 - 004569088 _____ (dotPDN LLC) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\PaintDotNet7afaaa15#\7092cc854b528f030e7c5332c8b17d7c\PaintDotNet.Framework.ni.dll
2020-04-11 02:29 - 2020-04-11 02:30 - 000169984 _____ (Fortemedia) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj\FMAPOCTL.dll
2020-04-11 01:33 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2020-06-12 20:39 - 2020-06-12 20:39 - 000065536 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.vc80.openmp_1fc8b3b9a1e18e3b_8.0.50727.4053_none_3b0e32bdc9afe437\vcomp.dll
2020-04-18 15:28 - 2020-04-18 15:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2020-04-18 15:28 - 2020-04-18 15:28 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2021-07-11 21:43 - 2021-07-11 21:43 - 000174080 _____ (Milosz Krajewski) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\K4os.Compression.LZ4\1fdd8b46b8e8b64e27712080fd4491fc\K4os.Compression.LZ4.ni.dll
2020-02-07 18:40 - 2020-02-07 18:40 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\SiUSBXp.dll
2020-04-11 02:29 - 2020-04-11 02:30 - 000023040 _____ (Synaptics Incorporated.) [File not signed] C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.9.205.0_x64__dt26b99r8h8gj\SynAudSrvDll.dll
2021-06-15 15:27 - 2021-06-15 15:27 - 000185344 _____ (TechSmith Corporation) [File not signed] C:\Program Files\TechSmith\Snagit 2021\SnagItShellExtRes.dll
2021-06-19 15:38 - 2021-06-19 15:38 - 002219008 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\OVPN\libcrypto-1_1.dll
2021-06-19 15:38 - 2021-06-19 15:38 - 000530432 _____ (The OpenSSL Project, hxxps://www.openssl.org/) [File not signed] C:\Program Files (x86)\OVPN\libssl-1_1.dll
2020-03-13 19:18 - 2020-03-13 19:18 - 005139576 _____ (The Qt Company Oy -> The Qt Company Ltd.) [File not signed] C:\Program Files (x86)\Corsair\CORSAIR iCUE Software\Qt5Core.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows:nlsPreferences [386]
AlternateDataStreams: C:\Users\Public\DRM:احتضان [48]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\80514902.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\80514902.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-05-04] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-07] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\sharepoint.com -> hxxps://klippan-files.sharepoint.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-03-19 06:49 - 2021-05-19 21:42 - 000000931 _____ C:\WINDOWS\system32\drivers\etc\hosts
127.0.0.1   https://karnia-sverige.com
127.0.0.1    captch-aresolving-universe.com

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Python39\Scripts\;C:\Program Files\Python39\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\HP\IdrsOCR_15.2.10.1114\;C:\Program Files (x86)\AOMEI Backupper;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jessi\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\thumbnail_black_blue_abstract_stripes_513_2560x1440.jpg
DNS Servers: 192.165.9.158 - 46.227.67.134
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

Network Binding:
=============
VirtualBox Host-Only Network: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
OVPN: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled) 

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\StartupFolder: => "Image Transfer Utility.lnk"
HKLM\...\StartupApproved\Run: => "TechSmithSnagit"
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "CORSAIR iCUE Software"
HKLM\...\StartupApproved\Run32: => "Jabra Direct"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\StartupFolder: => "Skicka till OneNote.lnk"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\StartupFolder: => "MailWasherPro.lnk"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\Run: => "Skype for Desktop"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\Run: => "QMxNetworkSync"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\Run: => "Kite"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\Run: => "Synology Chat"
HKU\S-1-5-21-2862380-3465493475-3068185414-1001\...\StartupApproved\Run: => "1Password"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{4416E8EE-E69F-4FEC-94CD-EFD5D0746938}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{44691AA4-94DA-4623-8C75-D8BFD2144887}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [TCP Query User{97D39F48-ADB3-4C2D-8205-990EFDE34B4F}C:\program files\common files\magix services\update notifier\qmxnetworksync.exe] => (Allow) C:\program files\common files\magix services\update notifier\qmxnetworksync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [UDP Query User{0ED3E000-C0AF-4EFA-AA4A-FE5A3E28893F}C:\program files\common files\magix services\update notifier\qmxnetworksync.exe] => (Allow) C:\program files\common files\magix services\update notifier\qmxnetworksync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [TCP Query User{B0296192-556C-418C-9D32-A8CFA6AE4163}C:\users\jessi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jessi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{AF1E3AD6-6713-4637-915E-2A4CC2621140}C:\users\jessi\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jessi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{227DE7B4-2EDF-415E-B3AD-E7F037A174A9}] => (Block) C:\users\jessi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{479AE3D2-0C06-4FE2-A960-E226A88B9777}] => (Block) C:\users\jessi\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9D647E22-9987-44EA-A2CC-ECFA91D199F4}] => (Block) C:\program files\common files\magix services\update notifier\qmxnetworksync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [{82CA420B-930B-424A-BCA6-7AB255D5DCED}] => (Block) C:\program files\common files\magix services\update notifier\qmxnetworksync.exe (MAGIX Software GmbH -> MAGIX)
FirewallRules: [TCP Query User{B431C7CA-951F-4A03-B07B-FBDF8075C78E}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [UDP Query User{9659837E-F5D8-4BC7-8210-307E5AC7DFE3}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{E99073F1-FBD5-4EA4-ACF8-815413A0ABA4}] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{269826B6-DF94-4529-9D11-C27AE04E4D64}] => (Block) C:\program files (x86)\microsoft\skype for desktop\skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{797897EB-315C-4454-879C-DC1C0E27FEAB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E574CAC8-CA90-4DCF-9F13-41928325E729}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{14B0CDB0-898C-4A96-84EA-50FD251F568B}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{8CA3361B-6404-4453-9037-DEBE625A6348}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{23BBDAAC-F9B3-4652-B9B6-803234308E56}] => (Allow) LPort=8299
FirewallRules: [TCP Query User{BD121D60-4D92-41D0-BDD1-6E68B9834850}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [UDP Query User{F309C784-6D1F-46F2-BF45-B1FDC0AB976B}C:\program files (x86)\synology\assistant\dsassistant.exe] => (Allow) C:\program files (x86)\synology\assistant\dsassistant.exe (Synology Inc. -> )
FirewallRules: [TCP Query User{F1E554C9-A238-4182-B6D7-A9F30494320C}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.)
FirewallRules: [UDP Query User{AB05FC69-B808-4B2C-8190-41CE8FF22510}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.)
FirewallRules: [TCP Query User{8CBB1915-184D-4CB1-9881-DFE7518529A8}E:\usbwebserver v8.6.5\mysql\bin\mysqld_usbwv8.exe] => (Allow) E:\usbwebserver v8.6.5\mysql\bin\mysqld_usbwv8.exe => No File
FirewallRules: [UDP Query User{9E6A2462-C685-4783-A857-36E082563A7F}E:\usbwebserver v8.6.5\mysql\bin\mysqld_usbwv8.exe] => (Allow) E:\usbwebserver v8.6.5\mysql\bin\mysqld_usbwv8.exe => No File
FirewallRules: [TCP Query User{0B341D89-2E5D-4FA8-8E24-8689B9C0E5A2}E:\usbwebserver v8.6.5\apache2\bin\httpd_usbwv8.exe] => (Allow) E:\usbwebserver v8.6.5\apache2\bin\httpd_usbwv8.exe => No File
FirewallRules: [UDP Query User{B60C9885-0D7C-4AF8-AAA9-75240FAA2C20}E:\usbwebserver v8.6.5\apache2\bin\httpd_usbwv8.exe] => (Allow) E:\usbwebserver v8.6.5\apache2\bin\httpd_usbwv8.exe => No File
FirewallRules: [{A47A1DA3-037B-4793-98B1-FCB8065974D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{FF8F31DC-87C5-49CC-992D-429123806051}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{8F29C67A-0F49-493F-9083-C3A6A6837E75}C:\users\jessi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jessi\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{7CA258FE-F044-4CB8-80AC-200110BBE502}C:\users\jessi\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\jessi\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [TCP Query User{C22D8E71-33AE-446C-95F8-8D5169939F5B}C:\users\jessi\appdata\local\openspeedtest_server\app-1.0.0\openspeedtest-server.exe] => (Allow) C:\users\jessi\appdata\local\openspeedtest_server\app-1.0.0\openspeedtest-server.exe => No File
FirewallRules: [UDP Query User{6076B13C-CEE9-4DBB-9268-685DFF0FB103}C:\users\jessi\appdata\local\openspeedtest_server\app-1.0.0\openspeedtest-server.exe] => (Allow) C:\users\jessi\appdata\local\openspeedtest_server\app-1.0.0\openspeedtest-server.exe => No File
FirewallRules: [{A1C36F90-52EB-4532-BFE4-B77965CA0F87}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{32D1F6A6-6BB8-4513-BB8B-7B171C9437D0}] => (Allow) C:\Program Files (x86)\AOMEI Backupper\ABService.exe (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
FirewallRules: [{92571958-36F3-46B0-AFC0-3543E034B1F8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{565E3223-D7F9-4641-83BC-2331D7756561}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{E0BDCDEA-CFF3-43C2-A651-FFBDBFCF9394}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{C0644681-B175-4310-B124-1FD7CDF89975}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [TCP Query User{F548CAE2-49E7-4328-BCDB-AA2C8E439148}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.)
FirewallRules: [UDP Query User{EF3213D8-6997-4993-A5DA-B643941E0A75}C:\program files\hue sync\huesync.exe] => (Allow) C:\program files\hue sync\huesync.exe (Signify Netherlands B.V. -> Signify Netherlands B.V.)
FirewallRules: [{3FC58D3A-9625-465C-9568-005F524CD2EC}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{F006E0F3-B301-47E5-80AA-ABA31746D46F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{2475ED8A-61AF-45CC-9D9B-98FA6D9686AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{A39E0C68-7002-4F87-BD69-2AB33DA77D3B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{CEAECD8D-35EF-4CD3-87DF-A9D33AA41BEC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B81BF54-1533-48D2-BEFE-08414560C0DE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{B5A53178-62DF-4FF0-90DF-A816698D3964}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{1F7CCEC1-9DB0-42D1-A96B-80B956CE8499}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{38352439-D01B-49E3-BBA3-D0CC14A6FF5F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{559E031A-E879-4EEC-831C-7EF2CCE43B56}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{39B36536-F040-427F-A12C-D4B513DA6070}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\92.0.902.67\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

04-08-2021 21:29:04 Schemalagd kontrollpunkt

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (08/07/2021 10:16:33 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Lagringsoptimeraren kunde inte slutföra trimma på (D:) eftersom: Den begärda åtgärden stöds inte av maskinvaran för volymen. (0x8900002A)

Error: (08/07/2021 01:59:50 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Säkerhetscenter kunde inte verifiera anroparen. Fel: %1.

Error: (08/07/2021 01:58:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Felet uppstod i programmet med namn: mbam.exe, version 4.0.0.1055, tidsstämpel 0x60e6f1ba
, felet uppstod i modulen med namn: ntdll.dll, version 10.0.19041.1110, tidsstämpel 0xe7a22463
Undantagskod: 0xc0000374
Felförskjutning: 0x00000000000ff259
Process-ID: 0x1f98
Programmets starttid: 0x01d78b8376080188
Sökväg till program: C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
Sökväg till modul: C:\WINDOWS\SYSTEM32\ntdll.dll
Rapport-ID: c8a77e72-089f-4281-99c6-32fdeb80a184
Fullständigt namn på felaktigt paket: 
Program-ID relativt till felaktigt paket:

Error: (08/01/2021 12:39:04 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fel i tjänsten Volume Shadow Copy: Oväntat fel när rutinen CoCreateInstance anropades. hr = 0x8007045b, Systemet håller på att avslutas.
.

Error: (08/01/2021 12:39:04 AM) (Source: VSS) (EventID: 13) (User: )
Description: Information om tjänsten Volume Shadow Copy: COM-severn med CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} och namnet CEventSystem kan inte startas. [0x8007045b, Systemet håller på att avslutas.
]

Error: (08/01/2021 12:39:04 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Fel i tjänsten Volume Shadow Copy: Oväntat fel när rutinen CoCreateInstance anropades. hr = 0x8007045b, Systemet håller på att avslutas.
.

Error: (08/01/2021 12:39:04 AM) (Source: VSS) (EventID: 13) (User: )
Description: Information om tjänsten Volume Shadow Copy: COM-severn med CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} och namnet CEventSystem kan inte startas. [0x8007045b, Systemet håller på att avslutas.
]

Error: (07/31/2021 09:40:20 PM) (Source: Microsoft-Windows-Defrag) (EventID: 264) (User: )
Description: Lagringsoptimeraren kunde inte slutföra trimma på (D:) eftersom: Den begärda åtgärden stöds inte av maskinvaran för volymen. (0x8900002A)


System errors:
=============
Error: (08/01/2021 12:39:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten WsDrvInst kunde inte startas på grund av följande fel: 
Åtkomst nekad.

Error: (08/01/2021 12:39:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjänsten ElevationService kunde inte startas på grund av följande fel: 
Åtkomst nekad.

Error: (08/01/2021 12:39:41 AM) (Source: VBoxNetLwf) (EventID: 12) (User: )
Description: Drivrutinen hittade ett internt drivrutinsfel på \Device\VBoxNetLwf.

Error: (08/01/2021 12:38:54 AM) (Source: DCOM) (EventID: 10005) (User: NT instans)
Description: DCOM fick felet "1115" vid försök att starta tjänsten wuauserv med argumenten "Inte tillgänglig" för att köra servern:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (08/01/2021 12:38:54 AM) (Source: DCOM) (EventID: 10005) (User: NT instans)
Description: DCOM fick felet "1115" vid försök att starta tjänsten wuauserv med argumenten "Inte tillgänglig" för att köra servern:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (08/01/2021 12:38:33 AM) (Source: DCOM) (EventID: 10010) (User: JESSE-MONSTERDA)
Description: Servern Microsoft.Windows.ContentDeliveryManager_10.0.19041.1023_neutral_neutral_cw5n1h2txyewy!App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca registrerades inte med DCOM inom erforderlig timeout.

Error: (07/29/2021 09:39:38 PM) (Source: Schannel) (EventID: 4103) (User: NT instans)
Description: Ett allvarligt fel inträffade när en TLS-klient-autentiseringsuppgift skapades. Intern felstatus är 10013.

Error: (07/29/2021 11:36:44 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT instans)
Description: Installationsfel: Det gick inte att installera följande uppdatering på grund av fel 0x80073d02: 9NMPJ99VJBWV-Microsoft.YourPhone.


Windows Defender:
================
Date: 2021-06-11 23:24:34
Description: 
Microsoft Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {85C55403-13DC-48EC-8B4A-F0F88A03380E}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM

Date: 2021-06-10 22:49:06
Description: 
Microsoft Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {C4A22BE4-C2FC-40A1-AA4C-1E73EBEC07EA}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM

Date: 2021-06-09 22:30:49
Description: 
Microsoft Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {2D0A7060-FBC8-4EB8-A086-FB21B3EA35E1}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM

Date: 2021-04-06 18:02:07
Description: 
Microsoft Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {02B6BC44-AF4E-41B3-92CA-903DB2B91B6A}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM

Date: 2021-04-05 17:03:43
Description: 
Microsoft Defender Antivirus-sökningen stoppades innan den slutfördes.
Söknings-ID: {7A91D1F2-5C88-4395-995E-A3E8AB961E49}
Sökningstyp: Antimalware
Sökningsparametrar: Snabbsökning
Användare: NT instans\SYSTEM

Date: 2021-08-01 00:38:54
Description: 
Ett fel uppstod när Microsoft Defender Antivirus skulle uppdatera säkerhetsinsikter.
Ny version av säkerhetsinsikter: 
Tidigare version av säkerhetsinsikter: 1.343.1612.0
Uppdateringskälla: Microsoft Update-server
Typ av säkerhetsinsikter: AntiVirus
Uppdateringstyp: Fullständig
Användare: NT instans\SYSTEM
Aktuell motorversion: 
Tidigare motorversion: 1.1.18300.4
Felkod: 0x8007045b
Felbeskrivning: Systemet håller på att avslutas. 

Date: 2021-07-25 01:33:20
Description: 
Ett fel uppstod när Microsoft Defender Antivirus skulle uppdatera säkerhetsinsikter.
Ny version av säkerhetsinsikter: 1.343.1603.0
Tidigare version av säkerhetsinsikter: 1.343.910.0
Uppdateringskälla: Användare
Typ av säkerhetsinsikter: AntiSpyware
Uppdateringstyp: Förändring
Användare: NT instans\Nätverkstjänst
Aktuell motorversion: 1.1.18300.4
Tidigare motorversion: 1.1.18300.4
Felkod: 0x80509004
Felbeskrivning: Ett oväntat problem har uppstått. Installera eventuella tillgängliga uppdateringar och försök sedan starta programmet igen. Mer information om hur du installerar uppdateringar finns i Hjälp och support. 

Date: 2021-07-25 01:33:20
Description: 
Ett fel uppstod när Microsoft Defender Antivirus skulle uppdatera säkerhetsinsikter.
Ny version av säkerhetsinsikter: 1.343.1603.0
Tidigare version av säkerhetsinsikter: 1.343.910.0
Uppdateringskälla: Användare
Typ av säkerhetsinsikter: AntiVirus
Uppdateringstyp: Förändring
Användare: NT instans\Nätverkstjänst
Aktuell motorversion: 1.1.18300.4
Tidigare motorversion: 1.1.18300.4
Felkod: 0x80509004
Felbeskrivning: Ett oväntat problem har uppstått. Installera eventuella tillgängliga uppdateringar och försök sedan starta programmet igen. Mer information om hur du installerar uppdateringar finns i Hjälp och support. 

Date: 2021-07-25 01:33:16
Description: 
Ett fel uppstod när Microsoft Defender Antivirus skulle uppdatera säkerhetsinsikter.
Ny version av säkerhetsinsikter: 
Tidigare version av säkerhetsinsikter: 1.343.910.0
Uppdateringskälla: Microsoft Update-server
Typ av säkerhetsinsikter: AntiVirus
Uppdateringstyp: Fullständig
Användare: NT instans\SYSTEM
Aktuell motorversion: 
Tidigare motorversion: 1.1.18300.4
Felkod: 0x8024001e
Felbeskrivning: Ett oväntat problem uppstod under sökningen efter uppdateringar. Mer information om hur du installerar och felsöker uppdateringar finns i Hjälp och support. 

Date: 2021-07-25 01:32:23
Description: 
Ett fel uppstod när Microsoft Defender Antivirus skulle uppdatera säkerhetsinsikter.
Ny version av säkerhetsinsikter: 1.343.1603.0
Tidigare version av säkerhetsinsikter: 1.343.910.0
Uppdateringskälla: Användare
Typ av säkerhetsinsikter: AntiSpyware
Uppdateringstyp: Förändring
Användare: NT instans\Nätverkstjänst
Aktuell motorversion: 1.1.18300.4
Tidigare motorversion: 1.1.18300.4
Felkod: 0x80509004
Felbeskrivning: Ett oväntat problem har uppstått. Installera eventuella tillgängliga uppdateringar och försök sedan starta programmet igen. Mer information om hur du installerar uppdateringar finns i Hjälp och support. 

CodeIntegrity:
===============
Date: 2021-07-22 20:26:30
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\vdsldr.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\TeamViewer\tv_x64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-02-17 07:38:38
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SIHClient.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. A.50 10/17/2017
Motherboard: MSI A320M GRENADE (MS-7A39)
Processor: AMD Ryzen 5 1600 Six-Core Processor 
Percentage of memory in use: 90%
Total physical RAM: 8144.33 MB
Available physical RAM: 794.48 MB
Total Virtual: 30672.33 MB
Available Virtual: 9515.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.94 GB) (Free:29.41 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:585.21 GB) NTFS
Drive e: (Evo) (Fixed) (Total:465.76 GB) (Free:302.12 GB) NTFS

\\?\Volume{42e1fd03-e339-41a9-928e-884029ed1127}\ (Återställning) (Fixed) (Total:0.52 GB) (Free:0.05 GB) NTFS
\\?\Volume{abb68792-7fc2-489a-bbad-7c3ed3045277}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 9569EFE1)

Partition: GPT.

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: 7185B5D4)

Partition: GPT.

==========================================================
Disk: 2 (Protective MBR) (Size: 223.6 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================


Cecilia
7 minutes ago, cybertears wrote:

Malware.Heuristic.1003, C:\Windows\assembly\NativeImages_v2.0.50727_32\BdmuxInterface\09ca543914be767ca788c735a3586233\BdmuxInterface.ni.dll

That is a folder for Windows' own files and the computer's drivers. This particular file should come from Sony and is perhaps for Blu-Ray playback. It may very well be a false alarm, so I suggest you start by letting Malwarebytes look into it: https://support.malwarebytes.com/hc/en-us/articles/360038524154-Report-a-false-positive-to-Malwarebytes-Support

cybertears

Okay, I have created a thread for it, so we'll see what they say :)

Do I need to be worried about this from the FRST log?

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

FireFox:
========
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-01-17] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-01-17] <==== ATTENTION


Chrome: 
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Cecilia

Policy restrictions are common and often increase security if you are not experiencing any problems.

The Firefox lines are probably due to Kaspersky Lab's antivirus.

The Chrome line is an extension from Malwarebytes.
