Solved Is this malware and how to remove it? "Received message from unexpected origin : chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj

B

buhle

I get this message on different websites
"Received message from unexpected origin : chrome-extension://efaidnbmnnnibpcajpcglclefindmkaj "when using google chrome.

I think it is some kind of malware - but I dont know how to remove it - any suggestions?

I appreciate your help :)

The FRST file

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-10-2021
Ran by zilje (administrator) on LAPTOP-VBPC1UMB (HP HP Pavilion Notebook) (16-10-2021 11:00:45)
Running from C:\Users\zilje\Downloads
Loaded Profiles: zilje & Administrator
Platform: Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) Language: Dansk (Danmark)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe <2>
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(CyberLink Corp. -> CyberLink) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\zilje\AppData\Local\FluxSoftware\Flux\flux.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <12>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> HP Development Company, L.P.) C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(HP Inc. -> HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(HP Inc.) [File not signed] C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel Corporation -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel(R) Corporation) C:\Windows\SysWOW64\XtuService.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_ffc75848a6342fdf\jhi_service.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\IntelCpHeciSvc.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <14>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_3.2109.6305.0_x64__8wekyb3d8bbwe\Cortana.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.14326.20436.0_x64__8wekyb3d8bbwe\HxTsr.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12107.1001.15.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBar.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.721.9022.0_x64__8wekyb3d8bbwe\GameBarFTServer.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.exe
(Sony Nordic (Sweden), Filial till Sony Europe B.V.(NL) -> Sony) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe
(Sony) [File not signed] C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe <2>
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [134936 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9217024 2017-07-18] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [339512 2021-09-22] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [1062392 2017-03-15] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2138272 2016-10-08] (Shenzhen Jia Xing Investment Co., Ltd. -> AimerSoft)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [5267168 2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] (OOO Lightshot -> )
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133728 2017-09-12] (Wondershare Technology Co.,Ltd -> Wondershare)
HKLM-x32\...\Run: [] => [X]
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [5397216 2021-10-05] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Run: [FreeYouTubeDownloader] => "C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe" -h
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Run: [f.lux] => C:\Users\zilje\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [35093120 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [1705552 2021-06-09] (Sony Nordic (Sweden), Filial till Sony Europe B.V.(NL) -> Sony)
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [31176112 2021-08-24] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\MountPoints2: {751f6d18-137a-11eb-b9a1-a08cfd1b3b21} - "E:\startme.exe"
HKLM\...\Windows x64\Print Processors\Canon MG2500 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPDBX.DLL [30208 2013-03-24] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Adobe PDF Port Monitor: C:\WINDOWS\system32\AdobePDF.dll [65160 2021-05-28] (Adobe Inc. -> Adobe Systems Inc)
HKLM\...\Print\Monitors\ImagePrinter Pro Port: C:\WINDOWS\system32\img_localmon.dll [24576 2017-07-19] (Copyright (c) 2011 Code Industry LTD) [File not signed]
HKLM\...\Print\Monitors\PDF995 Monitor: C:\WINDOWS\system32\pdf995mon64.dll [40448 2014-03-05] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\94.0.4606.81\Installer\chrmstp.exe [2021-10-15] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2016-06-29]
ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs () [File not signed]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP JumpStart Launch.lnk [2017-04-29]
ShortcutTarget: HP JumpStart Launch.lnk -> C:\Windows\Installer\{B90CB0DE-2E60-41C4-9857-466EB98192BF}\HPlogo_blue.ico () [File not signed]
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00937389-49C9-47F6-9CA7-B58698472E50} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {0788B3AA-DE86-43DD-8FAC-06E5AFF02833} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {113944D9-E23D-4600-B4CC-C9B39BEE2D8A} - System32\Tasks\Mozilla\Firefox Background Update E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\E7CF176E110C211B\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {131B5DAB-BC99-4C8A-AE0A-E83FDC8EB66A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {149177B8-2107-412D-8356-DA34869F5268} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-ziljeshanti@hotmail.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {18A117E8-0716-49D0-B4AB-6EA3AEA4B29F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1153408 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {1D110604-9FDB-4252-930E-66123461E40C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [326320 2021-07-15] (HP Inc. -> HP Inc.)
Task: {250034EE-D25A-4471-906C-430A08DEFDF4} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {32147DD3-3DEA-4347-AEB9-EF08BA2F526E} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {3F311E20-B358-45C5-A4AC-1EE2073C206E} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110440 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {419C6B5F-2E1A-47B4-BDE0-852A677707F8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616832 2019-09-04] (Apple Inc. -> Apple Inc.)
Task: {4295AB61-BF80-4C3F-ABCE-9A97780C34BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-17] (Google Inc -> Google Inc.)
Task: {5AD00895-263C-4FAA-8545-74CCDBCCD88E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [136304 2021-03-30] (HP Inc. -> HP Inc.)
Task: {6F4BBE3B-E08D-42E3-89E2-A52064DB3178} - System32\Tasks\G2MUpdateTask-S-1-5-21-2590093458-1854914899-3869129534-1001
Task: {73D3EB5F-DD58-4311-865A-F26249571113} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4929304 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
Task: {73EEB4C6-8C59-448F-B3E5-10DB29E84CB3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant printer driver installation => C:\WINDOWS\TEMP\sp80918.exe <==== ATTENTION
Task: {7645FAED-8C96-4EA6-85F2-36312B8A4966} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {772EDD51-F8CA-4632-8584-384120831790} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {7B18D672-F8D5-4E11-A051-561794BB0166} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4255680 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {7D2452EC-833C-4386-9C0C-69158D28B159} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [680888 2021-10-06] (Mozilla Corporation -> Mozilla Foundation)
Task: {83447F96-5BC6-446A-B78B-A4E504CAC021} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {8A20D2EA-EFF3-46A0-99DE-CD950424425A} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1790184 2021-04-29] (Avast Software s.r.o. -> Avast Software)
Task: {8F9C4CD1-56EF-4526-B694-B505631AC040} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
Task: {94956D8F-DE46-4B48-AFEF-B67B52ECFF93} - System32\Tasks\CCleanerSkipUAC - zilje => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {9932B2AA-8C28-43D3-A64D-037B4E9C4090} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {A0C612F7-CABF-4F76-BB1A-6A3E250DFAF6} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {A8CC70FF-2FE7-4CAD-935B-DD9ED7878864} - System32\Tasks\update-S-1-5-21-2590093458-1854914899-3869129534-1001
Task: {AA3FF1F6-F6D4-449A-8B69-A6EBF4F71344} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {B124F3D0-CFC4-473D-900B-18B203AC1C96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [4255680 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {B1D3FDC5-9382-411B-BE1C-05803B551489} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-01-17] (Google Inc -> Google Inc.)
Task: {B22F29A2-E6BA-4B31-8252-8FF7B6BA26C7} - System32\Tasks\HP\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\HP\HP CoolSense\CoolSense.exe [1356008 2016-01-21] (Hewlett-Packard Company -> HP Development Company, L.P.)
Task: {B32430B4-8DAA-43D6-9E67-87ABBDD9A9FF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1136984 2020-09-17] (HP Inc. -> HP Inc.)
Task: {B34F0A53-3042-47C0-88CA-F55737F5A6CA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {B68FE663-FC21-4081-BC47-6431287474D0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B97A0DDD-3F0E-4552-9BFE-F726F1CC5770} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [110440 2021-10-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C3A2E81E-0138-418E-97D5-F10B3547081B} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40880 2021-08-24] (Garmin International, Inc. -> )
Task: {CBA4561F-84F0-4316-AF7E-0E5B56527E6C} - System32\Tasks\G2MUploadTask-S-1-5-21-2590093458-1854914899-3869129534-1001
Task: {D21416F6-4F10-46E1-A1BE-FB7C462279B4} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {D4106908-BC10-4CE2-89B0-ADD01C0DEBB7} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [21976976 2021-09-25] (Microsoft Corporation -> Microsoft Corporation)
Task: {E217CD59-F61D-4900-B762-F6C099FE718D} - System32\Tasks\update-sys
Task: {E2FDFDD0-C2A2-4D06-A5C6-0A406665B766} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)
Task: {E6DCCBFF-CD73-4C7B-939F-B4E68CEE1355} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [25128 2017-11-15] (HP Inc. -> )
Task: {EAE050B9-BD55-483F-BCA4-1E844FAE2AB6} - System32\Tasks\AdobeGCInvoker-1.0 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [3412736 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {ECBF2264-F166-4119-BB24-9CB2B39BB210} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {EE058231-735B-43D7-8E4E-117CCAB1400D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [1506648 2020-08-20] (HP Inc. -> HP Inc.)
Task: {FC7D4C7F-AC17-4860-9DE2-31B6C5CAB723} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - resources updates => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [665944 2020-08-07] (HP Inc. -> HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-2590093458-1854914899-3869129534-1001.job => C:\Users\zilje\AppData\Local\GoToMeeting\19228\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-2590093458-1854914899-3869129534-1001.job => C:\Users\zilje\AppData\Local\GoToMeeting\19228\g2mupload.exe
Task: C:\WINDOWS\Tasks\update-S-1-5-21-2590093458-1854914899-3869129534-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 212.10.10.5 212.10.10.4
Tcpip\..\Interfaces\{2b1747d4-e9a6-496d-88a9-48fd0506c596}: [DhcpNameServer] 212.10.10.5 212.10.10.4

Edge:
=======
Edge Extension: (No Name) -> AutoFormFill_5ED10D46BD7E47DEB1F3685D2C0FCE08 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\AutoFormFill [not found]
Edge Extension: (No Name) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\BookViewer [not found]
Edge Extension: (No Name) -> EdgeExtension_Link64GmbHVideoDownloaderProfessionalforEdge_r8gm29f18mcyc => C:\Program Files\WindowsApps\Link64GmbH.VideoDownloaderProfessionalforEdge_1.0.12.0_neutral__r8gm29f18mcyc [not found]
Edge Extension: (No Name) -> LearningTools_7706F933-971C-41D1-9899-8A026EB5D824 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\LearningTools [not found]
Edge Extension: (No Name) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [not found]
Edge DefaultProfile: Default
Edge Profile: C:\Users\zilje\AppData\Local\Microsoft\Edge\User Data\Default [2021-10-16]
Edge Notifications: Default -> hxxps://www.joom.com
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\zilje\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-10-15]
Edge Extension: (Video & Audio Downloader) - C:\Users\zilje\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ijgjhlfeehehjgionndhjjfckmobedee [2021-06-15]
Edge Extension: (All Video Downloader professional) - C:\Users\zilje\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\mbpnbnogejaolbhfpfgagldkeahefbhd [2020-09-12]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: nu1mys38.default-1491232983148
FF ProfilePath: C:\Users\zilje\AppData\Roaming\Mozilla\Firefox\Profiles\nu1mys38.default-1491232983148 [2021-09-23]
FF Homepage: Mozilla\Firefox\Profiles\nu1mys38.default-1491232983148 -> hxxps://www.google.dk/?gws_rd=cr,ssl&ei=De9UWYexFciF6ATjxJbwBw|about:addons
FF NewTab: Mozilla\Firefox\Profiles\nu1mys38.default-1491232983148 -> hxxps://dk.search.yahoo.com/yhs/web?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__hp_WCYID10300_FYD_170601__yaff
FF Extension: (Ummy Video Downloader) - C:\Users\zilje\AppData\Roaming\Mozilla\Firefox\Profiles\nu1mys38.default-1491232983148\Extensions\{2bfc8e07-8df2-4600-a937-6bab8f954152}.xpi [2019-09-15]
FF Extension: (Awesome Vimeo Downloader) - C:\Users\zilje\AppData\Roaming\Mozilla\Firefox\Profiles\nu1mys38.default-1491232983148\Extensions\{f5eca307-f4c6-4120-89e1-1b32c0262944}.xpi [2021-03-01]
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-05-29] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2021-10-05] (Adobe Inc. -> Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default [2021-10-16]
CHR Notifications: Default -> hxxps://mail.google.com; hxxps://meet.google.com; hxxps://web.whatsapp.com; hxxps://www.facebook.com
CHR DefaultSearchURL: Default -> hxxps://ssl.gstatic.com/ui/v1/icons/mail/rfr/gmail.ico
CHR Extension: (Docs) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Google Drev) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-25]
CHR Extension: (YouTube) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-17]
CHR Extension: (Adblock Plus -gratis annonceblokeringsværktøj) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2021-09-04]
CHR Extension: (Adobe Acrobat) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2021-10-15]
CHR Extension: (Sheets) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Google Docs Offline) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-28]
CHR Extension: (Gmail) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\miilmjmgkdhdabfkjkilgecbhbchboem [2021-06-01]
CHR Extension: (Betalinger I Chrome Webshop) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-08]
CHR Extension: (ColorPick Eyedropper) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohcpnigalekghcmgcdcenkpelffpdolg [2020-12-18]
CHR Extension: (Gmail) - C:\Users\zilje\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Profile: C:\Users\zilje\AppData\Local\Google\Chrome\User Data\System Profile [2021-10-16]
CHR HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
 
==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3833088 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [3603200 2021-09-07] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [8323664 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [630040 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [377624 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-05-27] (Avast Software s.r.o. -> AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9250696 2021-10-01] (Microsoft Corporation -> Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [129808 2021-08-13] (Dropbox, Inc -> Dropbox, Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
R2 HPJumpStartBridge; C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [471040 2017-05-23] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (Hewlett-Packard Company -> HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [379736 2020-08-20] (HP Inc. -> HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc. -> HP Inc.)
R2 HPWMISVC; C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [630776 2017-02-06] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7801016 2021-10-16] (Malwarebytes Inc -> Malwarebytes)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3004048 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103384 2019-12-07] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2575360 2021-06-09] (Sony) [File not signed]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [35720 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [221600 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [369176 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [250408 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [99368 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [21936 2021-09-24] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [41368 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [184640 2021-09-27] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\WINDOWS\System32\drivers\aswNetHub.sys [538480 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [107864 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [82912 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [851712 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [557152 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [215392 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [328568 2021-09-24] (Avast Software s.r.o. -> AVAST Software)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S3 CMUSBDAC; C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys [3819744 2018-07-25] (WDKTestCert cm359,131641702659254692 -> C-MEDIA)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [210344 2021-10-16] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-02-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-06-24] (Malwarebytes Inc -> Malwarebytes)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46688 2019-12-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [350136 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [54200 2019-12-07] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2020-06-08] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-16 11:00 - 2021-10-16 11:01 - 000037677 _____ C:\Users\zilje\Downloads\FRST.txt
2021-10-16 10:38 - 2021-10-16 10:38 - 000000000 ____D C:\Users\zilje\AppData\Local\{2C2D7843-C348-4CB5-B41C-455E9405C8B4}
2021-10-16 10:05 - 2021-10-16 10:06 - 000000000 ___DC C:\Users\zilje\Desktop\downloadsoverførsler
2021-10-16 08:57 - 2021-10-16 11:01 - 000000000 ____D C:\FRST
2021-10-16 08:56 - 2021-10-16 08:56 - 002310656 _____ (Farbar) C:\Users\zilje\Downloads\FRST64.exe
2021-10-16 08:48 - 2021-10-16 08:48 - 000000000 ___DC C:\Users\zilje\AppData\LocalLow\Oracle
2021-10-15 10:53 - 2021-10-15 10:53 - 001393504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2021-10-15 10:53 - 2021-10-15 10:53 - 000611960 _____ C:\WINDOWS\SysWOW64\TextShaping.dll
2021-10-15 10:53 - 2021-10-15 10:53 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2021-10-15 10:53 - 2021-10-15 10:53 - 000452096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2021-10-15 10:53 - 2021-10-15 10:53 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2021-10-15 10:53 - 2021-10-15 10:53 - 000011495 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-10-15 10:53 - 2021-10-15 10:53 - 000007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2021-10-15 10:53 - 2021-10-15 10:53 - 000005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2021-10-15 10:52 - 2021-10-15 10:53 - 001823296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2021-10-15 10:52 - 2021-10-15 10:52 - 000706536 _____ C:\WINDOWS\system32\TextShaping.dll
2021-10-15 10:52 - 2021-10-15 10:52 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2021-10-15 10:52 - 2021-10-15 10:52 - 000288768 _____ C:\WINDOWS\system32\Windows.Management.InprocObjects.dll
2021-10-15 10:52 - 2021-10-15 10:52 - 000098304 _____ C:\WINDOWS\system32\Drivers\cimfs.sys
2021-10-15 10:41 - 2021-10-15 10:42 - 000000000 ___HD C:\$WinREAgent
2021-10-06 22:12 - 2021-10-07 16:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-10-06 07:34 - 2021-10-16 08:40 - 000000000 ____D C:\Users\zilje\AppData\Roaming\WhatsApp
2021-10-06 07:34 - 2021-10-15 11:08 - 000000000 ____D C:\Users\zilje\AppData\Local\WhatsApp
2021-10-06 07:34 - 2021-10-06 07:34 - 000002210 ____C C:\Users\zilje\Desktop\WhatsApp.lnk
2021-10-06 07:34 - 2021-10-06 07:34 - 000000000 ___DC C:\Users\zilje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2021-09-30 16:18 - 2021-09-30 16:18 - 000001823 _____ C:\Users\Public\Desktop\iTunes.lnk
2021-09-30 16:18 - 2021-09-30 16:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-09-30 16:18 - 2021-09-30 16:18 - 000000000 ____D C:\Program Files\iTunes
2021-09-24 21:06 - 2021-09-24 21:06 - 000340248 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2021-09-24 21:06 - 2021-09-24 21:06 - 000215392 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2021-09-17 19:29 - 2021-09-17 19:29 - 000001970 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2021-09-17 19:29 - 2021-09-17 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2021-09-16 20:10 - 2021-09-16 20:10 - 000672768 _____ C:\WINDOWS\system32\FsNVSDeviceSource.dll
2021-09-16 20:09 - 2021-09-16 20:09 - 002295296 _____ (Digimarc) C:\WINDOWS\system32\DMRCDecoder.dll
2021-09-16 20:09 - 2021-09-16 20:09 - 002260992 _____ C:\WINDOWS\system32\TextInputMethodFormatter.dll
2021-09-16 20:09 - 2021-09-16 20:09 - 002111488 _____ (Digimarc) C:\WINDOWS\SysWOW64\DMRCDecoder.dll
2021-09-16 20:09 - 2021-09-16 20:09 - 001333760 _____ C:\WINDOWS\SysWOW64\TextInputMethodFormatter.dll
2021-09-16 20:09 - 2021-09-16 20:09 - 001313608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-09-16 20:09 - 2021-09-16 20:09 - 001164288 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2021-09-16 20:09 - 2021-09-16 20:09 - 000272384 _____ C:\WINDOWS\system32\TpmTool.exe
2021-09-16 20:09 - 2021-09-16 20:09 - 000223744 _____ C:\WINDOWS\SysWOW64\TpmTool.exe
2021-09-16 20:09 - 2021-09-16 20:09 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2021-09-16 20:09 - 2021-09-16 20:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2021-09-16 20:09 - 2021-09-16 20:09 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-10-16 10:57 - 2020-08-02 00:11 - 001522332 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-10-16 10:57 - 2019-12-07 16:56 - 000519416 _____ C:\WINDOWS\system32\perfh006.dat
2021-10-16 10:57 - 2019-12-07 16:56 - 000104090 _____ C:\WINDOWS\system32\perfc006.dat
2021-10-16 10:57 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-10-16 10:53 - 2021-04-26 10:35 - 000210344 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-10-16 10:53 - 2020-08-01 15:10 - 000002040 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-10-16 10:53 - 2019-07-03 17:21 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-10-16 10:53 - 2019-07-03 17:21 - 000002028 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-10-16 10:51 - 2019-06-15 17:19 - 000000000 ____D C:\Program Files\CCleaner
2021-10-16 10:51 - 2017-01-17 13:06 - 000000000 ____D C:\Program Files (x86)\Google
2021-10-16 10:50 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-10-16 10:50 - 2017-01-22 15:02 - 000000000 ___DC C:\Users\zilje\AppData\Local\Adobe
2021-10-16 10:50 - 2017-01-17 13:04 - 000000000 ___RD C:\Users\zilje\OneDrive
2021-10-16 10:49 - 2020-08-02 00:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-10-16 10:49 - 2020-08-02 00:05 - 002429232 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-10-16 10:49 - 2020-08-02 00:05 - 000008192 ___SH C:\DumpStack.log.tmp
2021-10-16 10:49 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ServiceState
2021-10-16 10:49 - 2019-12-07 11:03 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2021-10-16 10:49 - 2017-01-18 00:20 - 000000000 ____D C:\ProgramData\AVAST Software
2021-10-16 10:49 - 2017-01-17 13:02 - 000000000 __SHD C:\Users\zilje\IntelGraphicsProfiles
2021-10-16 10:44 - 2016-11-11 23:08 - 000000000 ____D C:\WINDOWS\HP
2021-10-16 10:44 - 2016-06-29 10:42 - 000000000 ____D C:\SWSetup
2021-10-16 10:40 - 2017-01-18 00:28 - 000000000 ___DC C:\Users\zilje\AppData\LocalLow\Mozilla
2021-10-16 10:38 - 2020-10-11 12:05 - 000000000 ____D C:\Temp
2021-10-16 10:34 - 2018-05-10 21:42 - 000000000 ___DC C:\Users\zilje\AppData\Local\AVAST Software
2021-10-16 10:29 - 2017-06-28 10:18 - 000000000 ___DC C:\Users\zilje\AppData\Local\Apowersoft
2021-10-16 10:28 - 2020-03-05 20:48 - 000000000 ____D C:\Users\zilje\AppData\Roaming\ActivePresenter
2021-10-16 10:04 - 2021-09-06 19:06 - 000000000 ___DC C:\Users\zilje\Desktop\DSBbilletter
2021-10-16 09:02 - 2018-09-14 14:16 - 000000000 ___DC C:\Users\zilje\AppData\Local\CrashDumps
2021-10-16 09:00 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-16 09:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-10-16 09:00 - 2017-12-19 18:35 - 000000000 ___DC C:\Users\zilje\AppData\Local\Packages
2021-10-16 08:41 - 2019-12-07 11:14 - 000000000 ___SD C:\WINDOWS\system32\UNP
2021-10-16 08:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2021-10-16 08:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-10-16 08:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2021-10-16 08:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-10-16 08:40 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-10-16 08:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-10-16 08:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\DiagTrack
2021-10-16 08:40 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-10-16 08:38 - 2020-08-02 00:15 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2021-10-16 08:38 - 2020-08-02 00:05 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-10-15 11:10 - 2017-09-14 14:02 - 000002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2021-10-15 11:10 - 2017-09-14 14:02 - 000002110 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2021-10-15 10:56 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-10-15 10:41 - 2017-01-18 00:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-10-15 10:38 - 2020-09-11 23:56 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-10-15 10:38 - 2020-09-11 23:56 - 000002295 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-10-15 10:35 - 2017-01-18 00:25 - 139806512 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-10-15 10:33 - 2017-01-17 13:06 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-10-15 10:32 - 2020-09-11 23:55 - 000003514 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-10-15 10:32 - 2020-09-11 23:55 - 000003390 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-10-14 22:11 - 2021-08-19 12:10 - 000002254 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - zilje
2021-10-14 22:11 - 2020-08-02 00:15 - 000003482 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-10-14 22:11 - 2020-08-02 00:15 - 000003382 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2021-10-14 22:11 - 2020-08-02 00:15 - 000003158 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2021-10-14 22:11 - 2020-08-02 00:15 - 000002988 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-10-14 22:11 - 2020-08-02 00:15 - 000002862 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2590093458-1854914899-3869129534-1001
2021-10-14 22:11 - 2020-08-02 00:15 - 000002702 _____ C:\WINDOWS\system32\Tasks\GarminUpdaterTask
2021-10-14 22:11 - 2020-08-02 00:15 - 000002238 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-10-14 22:11 - 2020-08-02 00:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2021-10-14 22:11 - 2020-08-02 00:06 - 000000000 ____D C:\Users\zilje
2021-10-13 08:15 - 2020-08-02 00:15 - 000003522 _____ C:\WINDOWS\system32\Tasks\AdobeGCInvoker-1.0
2021-10-12 09:40 - 2016-06-29 02:23 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-10-11 08:47 - 2021-01-24 11:55 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-10-08 14:34 - 2020-08-02 00:06 - 000000000 ____D C:\Users\Administrator
2021-10-07 16:19 - 2017-01-18 00:28 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-10-07 09:32 - 2021-08-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-10-07 09:32 - 2017-01-18 00:28 - 000001215 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-10-06 07:34 - 2019-08-18 21:47 - 000000000 ____D C:\Users\zilje\AppData\Local\SquirrelTemp
2021-10-05 10:46 - 2020-08-02 00:06 - 000002364 ____C C:\Users\zilje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2021-09-30 16:38 - 2017-01-26 11:18 - 000000000 ___DC C:\Users\zilje\AppData\Local\ConnectedDevicesPlatform
2021-09-30 16:38 - 2016-11-21 21:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-09-30 16:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2021-09-30 16:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2021-09-30 16:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2021-09-30 16:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\migwiz
2021-09-30 16:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2021-09-30 16:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\DDFs
2021-09-30 16:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\appraiser
2021-09-30 16:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellComponents
2021-09-30 16:26 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2021-09-30 16:26 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\servicing
2021-09-27 22:59 - 2018-05-23 19:04 - 000000000 ___DC C:\Users\zilje\AppData\Local\PlaceholderTileLogoFolder
2021-09-27 13:15 - 2020-10-15 23:08 - 000184640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2021-09-24 21:06 - 2020-04-15 14:27 - 000538480 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetHub.sys
2021-09-24 21:06 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-24 21:06 - 2019-01-04 23:59 - 000250408 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2021-09-24 21:06 - 2019-01-04 23:59 - 000099368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2021-09-24 21:06 - 2018-10-10 21:05 - 000041368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2021-09-24 21:06 - 2018-06-21 17:26 - 000021936 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2021-09-24 21:06 - 2017-12-19 16:32 - 000557152 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2021-09-24 21:06 - 2017-12-19 16:32 - 000328568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2021-09-24 21:06 - 2017-12-19 16:32 - 000107864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2021-09-24 21:06 - 2017-12-19 16:32 - 000082912 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2021-09-24 21:05 - 2019-01-14 18:33 - 000369176 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2021-09-24 21:05 - 2019-01-04 23:59 - 000035720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2021-09-24 21:05 - 2017-12-19 16:32 - 000851712 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2021-09-24 21:05 - 2017-12-19 16:32 - 000221600 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2021-09-23 13:22 - 2019-07-05 13:17 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-21 10:59 - 2019-04-12 13:06 - 000000000 ____D C:\Users\zilje\OneDrive\Dokumenter\My Kindle Content
2021-09-17 19:30 - 2017-03-13 20:03 - 000000000 ____D C:\ProgramData\Garmin
2021-09-17 19:29 - 2017-03-13 20:03 - 000000000 ____D C:\Program Files (x86)\Garmin
2021-09-17 19:29 - 2016-06-29 02:22 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories ========

2018-09-28 10:37 - 2018-09-28 10:37 - 000000085 ____C () C:\Users\zilje\AppData\Roaming\Camdata.ini
2018-09-28 10:37 - 2018-09-28 10:37 - 000000408 ____C () C:\Users\zilje\AppData\Roaming\CamLayout.ini
2018-09-28 10:37 - 2018-09-28 10:37 - 000000408 ____C () C:\Users\zilje\AppData\Roaming\CamShapes.ini
2018-09-19 13:05 - 2018-09-19 13:05 - 000000096 ____C () C:\Users\zilje\AppData\Roaming\version2.xml
2019-04-29 13:48 - 2019-04-29 13:48 - 000005632 ____C () C:\Users\zilje\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-10-01 10:00 - 2018-10-01 10:00 - 000000000 ____C () C:\Users\zilje\AppData\Local\oobelibMkey.log
2018-07-21 18:17 - 2018-07-21 18:17 - 000008904 ____C () C:\Users\zilje\AppData\Local\recently-used.xbel
2019-02-04 19:56 - 2019-02-04 19:56 - 000000003 ____C () C:\Users\zilje\AppData\Local\updater.log
2019-02-04 19:56 - 2019-02-04 19:56 - 000000425 ____C () C:\Users\zilje\AppData\Local\UserProducts.xml
2019-12-11 22:14 - 2019-12-11 22:14 - 000000000 _____ () C:\Users\zilje\AppData\Local\{4C46D9C0-202E-4E89-ADA7-4D0EA84373A8}
2019-12-11 11:38 - 2019-12-11 11:38 - 000000000 _____ () C:\Users\zilje\AppData\Local\{A20F43E5-1909-4758-94A3-8C86CE8451A2}
2019-12-12 15:13 - 2019-12-12 15:13 - 000000000 _____ () C:\Users\zilje\AppData\Local\{A81349BE-BE50-461F-A925-C6CF97BC19BB}
2020-03-13 10:32 - 2020-03-13 10:32 - 000000000 _____ () C:\Users\zilje\AppData\Local\{D5EE32F7-66B5-431F-9D7E-7608E4A39E95}
2019-12-13 00:40 - 2019-12-13 00:40 - 000000000 _____ () C:\Users\zilje\AppData\Local\{E99BBB04-8CF9-466B-AA75-06774558CEF3}
2019-12-14 11:56 - 2019-12-14 11:56 - 000000000 _____ () C:\Users\zilje\AppData\Local\{F801E7C7-BF1D-46EC-B461-75A2AF0BAB71}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================
 
The Additional file

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2021
Ran by zilje (16-10-2021 11:02:34)
Running from C:\Users\zilje\Downloads
Microsoft Windows 10 Home Version 21H1 19043.1288 (X64) (2020-08-01 22:15:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2590093458-1854914899-3869129534-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2590093458-1854914899-3869129534-503 - Limited - Disabled)
Gæst (S-1-5-21-2590093458-1854914899-3869129534-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2590093458-1854914899-3869129534-504 - Limited - Disabled)
zilje (S-1-5-21-2590093458-1854914899-3869129534-1001 - Administrator - Enabled) => C:\Users\zilje

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 21.007.20099 - Adobe Systems Incorporated)
Adobe Connect 9 Add-in (HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Adobe Connect 9 Add-in) (Version: 11.9.980.387 - Adobe Systems Incorporated)
Adobe Genuine Service (HKLM-x32\...\AdobeGenuineService) (Version: - Adobe)
Amazon Kindle (HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Amazon Kindle) (Version: 1.32.0.61109 - Amazon)
ANT Drivers Installer x64 (HKLM\...\{C908C165-F564-4420-AFBC-BC9BB5093D89}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Apple-programunderstøttelse (32 bit) (HKLM-x32\...\{A7039CC9-4669-4799-92B1-C5CE346DBE3D}) (Version: 8.3 - Apple Inc.)
Apple-programunderstøttelse (64 bit) (HKLM\...\{E2A6344A-45BF-47A0-9AE1-848325E7FD88}) (Version: 6.2 - Apple Inc.)
Audacity 2.3.3 (HKLM-x32\...\Audacity_is1) (Version: 2.3.3 - Audacity Team)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.8.2487 - Avast Software)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CamStudio 2.7.4 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.4 - CamStudio Open Source)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
csp (HKLM-x32\...\{6FDB32DB-4DF7-4835-B785-891C9BF38169}) (Version: 7.3.0 - InstallAware Software Corporation) Hidden
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.6.7428 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.1.2918 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DisableMSDefender (HKLM\...\{74FE39A0-FB76-47CD-84BA-91E2BBB17EF2}) (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.503.1 - Dropbox, Inc.) Hidden
Elevated Installer (HKLM-x32\...\{AA541EFB-3F91-4A7E-A915-CCDD91C2AE11}) (Version: 7.8.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
f.lux (HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Flux) (Version: - f.lux Software LLC)
Garmin Express (HKLM-x32\...\{4CE72891-E662-4E1D-997A-2DB13467F489}) (Version: 7.8.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{e0284aaa-26dc-4fb0-b0b6-06e658bdc602}) (Version: 7.8.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 94.0.4606.81 - Google LLC)
GoTo Opener (HKLM-x32\...\{8B2D47CC-1558-4939-B27F-41E30530072A}) (Version: 1.0.467 - LogMeIn, Inc.)
GoToMeeting 10.15.0.19228 (HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\GoToMeeting) (Version: 10.15.0.19228 - LogMeIn, Inc.)
Hjælp til Xperia Companion (HKLM\...\{0BFCDF65-FA11-431A-B059-4F58984C0D80}) (Version: 2.12.4.0 - Sony) Hidden
HP Audio Switch (HKLM\...\HPAudioSwitch) (Version: 1.0.96.0 - HP Inc.)
HP CoolSense (HKLM-x32\...\{0C723C74-62DF-4B35-9490-A207546D866D}) (Version: 2.21.4 - HP Inc.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP ePrint SW (HKLM-x32\...\{b0ebf7ff-6b1a-4a92-9c85-6915be1962b9}) (Version: 5.1.19895 - HP Inc.)
HP JumpStart Bridge (HKLM-x32\...\{EB0912FF-C311-4E0F-A6B1-420FDD3C295E}) (Version: 1.3.0.407 - HP Inc.)
HP JumpStart Launch (HKLM-x32\...\{B90CB0DE-2E60-41C4-9857-466EB98192BF}) (Version: 1.1.158.0 - HP Inc.)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.8351.5556 - HP Inc.)
HP Support Assistant (HKLM-x32\...\{E8CD7D86-8A9F-4856-AE50-DCD2C0CC77C9}) (Version: 8.8.34.31 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{569BC7F4-ECA0-4AFA-8E2A-C675C5FC7068}) (Version: 12.18.34.21 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.29 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{1BB20774-0FA8-4CFF-AB69-7B7AAE2DCE6C}) (Version: 1.4.19 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.2.11000.2996 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.6.0.1035 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4836 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.2.0.1020 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{5068B0F8-CE24-4B61-9C2F-301B411FFB9C}) (Version: 18.1.1611.3223 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{226be6c3-8e08-4d52-bd3a-d361008448c5}) (Version: 10.1.1.37 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
iTunes (HKLM\...\{CFB0FA2C-C872-41A6-890F-A53C7A6E4C2B}) (Version: 12.12.1.1 - Apple Inc.)
Lightshot-5.4.0.35 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.35 - Skillbrains)
Malwarebytes version 4.4.8.137 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.8.137 - Malwarebytes)
Microsoft 365 Apps for enterprise - da-dk (HKLM\...\O365ProPlusRetail - da-dk) (Version: 16.0.14430.20270 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 94.0.992.47 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 94.0.992.47 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\OneDriveSetup.exe) (Version: 21.180.0905.0007 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2590093458-1854914899-3869129534-500\...\OneDriveSetup.exe) (Version: 17.3.6799.0327 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{29B15818-E79F-4AB0-8938-9410C807AD76}) (Version: 2.84.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation)
Movavi Video Editor 14 Plus (x64) (HKLM\...\Movavi Video Editor 14 Plus (x64)) (Version: 14.5.0 - Movavi)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 da) (HKLM\...\Mozilla Firefox 93.0 (x64 da)) (Version: 93.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 93.0.0.7940 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.14430.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.14430.20270 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0406-0000-0000000FF1CE}) (Version: 16.0.14430.20234 - Microsoft Corporation) Hidden
Opdateringsassistent til Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22514 - Microsoft Corporation)
Pdf995 (HKLM-x32\...\Pdf995) (Version: 16.0s - )
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21289 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.13.1223.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8117 - Realtek Semiconductor Corp.)
Sony Mobile Software Update Drivers (HKLM\...\{4872001F-F67C-4C54-BC92-281C6A165251}) (Version: 3.2.0.3 - Sony Mobile Communications)
Sony Mobile Update Engine (HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\Update Engine) (Version: 2.19.6.201905031205 - Sony Mobile Communications Inc.)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.5.10.75 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
VSDC Free Video Editor version 6.3.3.968 (HKLM\...\VSDC Free Video Editor_is1) (Version: 6.3.3.968 - Flash-Integro LLC)
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-2) (Version: 1.0.42.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.42.0 (HKLM\...\VulkanRT1.0.42.0-3) (Version: 1.0.42.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - Intel Corporation Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - Intel Corporation Inc.)
WhatsApp (HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\WhatsApp) (Version: 2.2140.7 - WhatsApp)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Movie Maker 2017 (HKLM-x32\...\{3CC29C1A-B5FE-457B-1234-32A2557A92C7}}_is1) (Version: - winmoviemaker)
Windows-driverpakke - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-driverpakke - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Windows-driverpakke - Sony Mobile Communications (ggsomc) SOMCFlashDevice (12/06/2017 3.2.0.0) (HKLM\...\7AA77B236196DB9A6C04257060560ACDBB626F30) (Version: 12/06/2017 3.2.0.0 - Sony Mobile Communications)
withZing version 1.22.015 (HKLM-x32\...\{92E5FD90-07A2-4437-847A-B77D343EAFBF}_is1) (Version: 1.22.015 - Zing Performance)
Wondershare Filmora9(Build 9.0.7) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)
Wondershare Helper Compact 2.6.0 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.6.0 - Wondershare)
Xperia Companion (HKLM-x32\...\{62a4d732-5f36-4213-a9d8-7cccecd1e99d}) (Version: 2.12.4.0 - Sony)
Xperia Companion (HKLM-x32\...\{8CE04ADB-E536-480B-B61F-9D16C6392A0D}) (Version: 2.12.4.0 - Sony) Hidden
Zoom (HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\ZoomUMX) (Version: 5.7.5 (1020) - Zoom Video Communications, Inc.)

Packages:
=========
Adobe Photoshop Express: Billedbehandling, redigering, filtre, effekter, rammer -> C:\Program Files\WindowsApps\AdobeSystemsIncorporated.AdobePhotoshopExpress_3.5.377.0_x64__ynb6jyjzte8ga [2021-10-15] (Adobe Inc.)
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_2018.519.2815.0_x64__343d40qqvtj1t [2020-02-19] (Amazon.com)
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-06] (Autodesk Inc.)
Canon Inkjet Print Utility -> C:\Program Files\WindowsApps\34791E63.CanonInkjetPrintUtility_3.1.0.0_neutral__6e5tt8cgb93ep [2021-02-19] (Canon Inc.)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_10.22.3.0_x86__q4d96b2w5wcc2 [2021-09-28] (Evernote)
Free Screen Recorder -> C:\Program Files\WindowsApps\5259FreeSoftwareApps.FreeScreenRecorder_1.0.5.0_x64__nzrphq7phantj [2021-08-03] (Free Software Apps)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-01-26] (HP Inc.)
HP LOUNGE -> C:\Program Files\WindowsApps\UniversalMusicMobile.HPLOUNGE_2.1.1.0_x64__3ms5eyejfeart [2017-04-02] (Universal Music Mobile)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_131.1.242.0_x64__v10z8vjag6ke6 [2021-09-25] (HP Inc.)
Inkscape -> C:\Program Files\WindowsApps\25415Inkscape.Inkscape_1.1.0.0_x64__9waqn51p1ttv2 [2021-06-28] (Inkscape)
Instagram -> C:\Program Files\WindowsApps\Facebook.InstagramBeta_42.0.17.0_neutral__8xx8rvfyw5nnt [2021-10-02] (Instagram)
Kobo eBooks -> C:\Program Files\WindowsApps\KoboInc.KoboBooks_5.2.37.0_x86__vk8qsnw174y90 [2020-12-17] (Kobo Inc)
MetaMoJi Note Lite -> C:\Program Files\WindowsApps\MetaMoJiCorporation.NoteAnytimeLite_3.7.13.0_x64__dprdgbsyk6pqc [2020-04-30] (MetaMoJi Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2020-08-02] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-05-27] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-05-27] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.9220.0_x64__8wekyb3d8bbwe [2021-10-07] (Microsoft Studios) [MS Ad]
MPEG-2-videoudvidelse -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-18] (Microsoft Corporation)
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.1.1.0_x64__a2t3txkz9j1jw [2020-01-15] (MAGIX)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_3.27.1.0_x64__nfy108tqq3p12 [2021-02-20] (Thumbmunkeys Ltd)
Picsart - Photo Studio -> C:\Program Files\WindowsApps\2FE3CB00.PICSART-PHOTOSTUDIO_9.4.0.0_x64__crhqpqs3x1ygc [2021-10-04] (PicsArt Inc.)
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_6.1.67.0_x64__kx24dqmazqk8j [2021-10-14] (Random Salad Games LLC)
SuperPhoto Free -> C:\Program Files\WindowsApps\63099Moonlighting.SuperPhotoFree_2.2.4.0_x64__hths5t1tmnj8m [2017-07-07] (Moonlighting) [MS Ad]
Tilføjelsesprogram til Billeder -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2021-09-27] (Microsoft Corporation)
Tilføjelsesprogrammet Photos Media Engine -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2020-03-26] (Microsoft Corporation)
Vidmate Tube - Video Downloader -> C:\Program Files\WindowsApps\28619Prajakta-Patil.VidmateTube-VideoDownloader_1.2.12.0_x64__kxnpj9d1cxdgg [2020-09-23] (Prajakta-Patil) [MS Ad]
Word Mobile -> C:\Program Files\WindowsApps\Microsoft.Office.Word_16001.14326.20494.0_x64__8wekyb3d8bbwe [2021-10-14] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\zilje\AppData\Local\GoToMeeting\19228\G2MOutlookAddin64.dll (LogMeIn, Inc. -> LogMeIn, Inc.)
CustomCLSID: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001_Classes\CLSID\{d1b22d3d-8585-53a6-acb3-0e803c7e8d2a}\localserver32 -> "C:\Users\zilje\AppData\Local\Microsoft\Teams\current\Teams.exe" --toast => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-24] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\ki126176.inf_amd64_694219dc1ebc939c\igfxDTCM.dll [2019-12-14] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-24] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-06-26] (Malwarebytes Corporation -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.voxacm160] => C:\WINDOWS\system32\vct3216.acm [82944 2003-05-21] (Voxware, Inc.) [File not signed]
HKLM\...\Drivers32: [msacm.scg726] => C:\WINDOWS\system32\scg726.acm [13239 2000-03-14] (SHARP Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.alf2cd] => C:\WINDOWS\system32\alf2cd.acm [38912 2003-05-21] (NCT Company) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINDOWS\system32\AC3ACM.acm [81920 2004-02-04] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lame] => C:\WINDOWS\system32\lame.ax [245760 2005-08-01] () [File not signed]
HKLM\...\Drivers32: [vidc.dvsd] => C:\WINDOWS\system32\mcdvd_32.dll [261632 2003-05-21] (MainConcept) [File not signed]
HKLM\...\Drivers32: [vidc.mpg4] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp42] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\WINDOWS\system32\mpg4c32.dll [413760 2002-08-20] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\WINDOWS\system32\xvidvfw.dll [139264 2004-07-03] () [File not signed]
HKLM\...\Drivers32: [vidc.DIVX] => C:\WINDOWS\system32\DivX.dll [638976 2003-05-22] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.VP60] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP61] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.VP62] => C:\WINDOWS\system32\vp6vfw.dll [438272 2004-12-10] (On2.com) [File not signed]
HKLM\...\Drivers32: [vidc.LAGS] => C:\WINDOWS\system32\lagarith.dll [216064 2011-12-07] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\zilje\Desktop\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=miilmjmgkdhdabfkjkilgecbhbchboem
ShortcutWithArgument: C:\Users\zilje\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apps\Gmail.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=miilmjmgkdhdabfkjkilgecbhbchboem

==================== Loaded Modules (Whitelisted) =============

2020-11-27 05:38 - 2020-11-27 05:38 - 000961536 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2020-11-27 05:38 - 2020-11-27 05:38 - 001446400 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2021-08-24 14:45 - 2021-08-24 14:45 - 000073216 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 11:35 - 2017-05-08 11:35 - 000325632 _____ () [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\da_dk\acrotray.dan
2019-02-16 22:11 - 2016-07-21 12:54 - 000137728 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2019-02-16 22:11 - 2017-09-12 12:34 - 001506304 _____ () [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2020-11-18 11:14 - 2020-11-18 11:14 - 117340672 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2020-11-18 09:40 - 2020-11-18 09:40 - 000323072 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2020-11-18 09:40 - 2020-11-18 09:40 - 005441536 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2017-04-18 10:23 - 2014-03-05 11:18 - 000040448 _____ () [File not signed] C:\WINDOWS\System32\pdf995mon64.dll
2021-09-09 07:17 - 2021-09-09 07:17 - 000021504 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\da_dk\Acrobat Elements\ContextMenuShim64.dan
2021-08-24 14:45 - 2021-08-24 14:45 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2020-05-07 11:33 - 2017-07-19 13:56 - 000024576 _____ (Copyright (c) 2011 Code Industry LTD) [File not signed] C:\WINDOWS\System32\img_localmon.dll
2021-08-24 14:50 - 2021-08-24 14:50 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2021-08-24 14:45 - 2021-08-24 14:45 - 002711552 _____ (Garmin International) [File not signed] [File is in use] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 11:35 - 2017-05-08 11:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2021-08-24 14:45 - 2021-08-24 14:45 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2021-08-24 14:47 - 2021-08-24 14:47 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2019-02-04 19:56 - 2017-05-23 16:59 - 000494080 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\Lightshot.dll
2019-02-04 19:56 - 2017-05-23 16:59 - 000256000 _____ (Skillbrains) [File not signed] C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.35\uploader.dll
2020-11-18 09:39 - 2020-11-18 09:39 - 000843264 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2019-02-16 22:11 - 2017-09-12 12:36 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 
==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://hp15-comm.msn.com/?pc=HRTE
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.dk/
SearchScopes: HKLM -> {F93A0EF0-5D20-4217-8427-5FEDC7AE84AF} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {F93A0EF0-5D20-4217-8427-5FEDC7AE84AF} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001 -> DefaultScope {DA650516-E994-480F-9D48-BB3938F24F51} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://dk.search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10300_FYD_170601__yaie&p={searchTerms}
SearchScopes: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001 -> {DA650516-E994-480F-9D48-BB3938F24F51} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001 -> {F93A0EF0-5D20-4217-8427-5FEDC7AE84AF} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-08-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-08-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-08-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-10-27] (HP Inc. -> HP Inc.)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-08-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2017-08-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2017-08-01] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-10-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\sharepoint.com -> hxxps://dmjx365-files.sharepoint.com
IE trusted site: HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 09:24 - 2019-01-06 10:43 - 000000851 _____ C:\WINDOWS\system32\drivers\etc\hosts

2018-11-02 13:26 - 2018-11-02 13:26 - 000000445 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-2590093458-1854914899-3869129534-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
HKU\S-1-5-21-2590093458-1854914899-3869129534-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 212.10.10.5 - 212.10.10.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A598A22A-E07F-4618-AE20-6AB1C3FE9036}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe => No File
FirewallRules: [{B3F2B2A3-5872-47CA-948D-8F79A8A38BF0}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe => No File
FirewallRules: [{9BF90470-DEC7-4306-8840-D0DEE27A57C2}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe => No File
FirewallRules: [{16333276-5205-46F6-AEAE-352695C1ADF1}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{72499912-29BD-4F70-9446-600DC25045A3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F181E6ED-4C39-4153-9A28-FCF1FD06AE2B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{500EF119-870E-4658-BB6E-B3533F896636}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{85698199-20F7-4962-AE65-4854011055A5}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CD87525B-41F2-445C-B4A6-28C7BC34C5EF}] => (Allow) C:\Program Files\CyberLink\PowerDirector14\PDR10.EXE => No File
FirewallRules: [{275A5067-E1BF-4F29-986E-F93FD3A05F8D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe => No File
FirewallRules: [{D776E919-1F72-4D23-B8B3-366EAFA10944}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{79562174-E202-488F-88DC-0ABF4F06CE04}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0F97F6BF-0D49-4281-877B-5B921E36A8C9}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{49058E8F-7374-49AE-8B39-95D43A3A0573}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{67888BA5-28F4-46CF-99BC-9863B7FE24A8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CA0F08A9-A055-4E35-92E6-11014AB36583}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{9D0DA92B-ED7C-4ACA-8271-27D8CB61AD17}] => (Allow) LPort=2869
FirewallRules: [{825A38FE-D8F1-4B48-97A1-032556CC166C}] => (Allow) LPort=1900
FirewallRules: [{C2B1F017-072B-4079-A74D-E0CAA2A315C5}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{51D65FCF-26F5-4AA5-B792-E61319BD4229}] => (Allow) C:\Users\zilje\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{6D2E5FF2-C0E5-45D3-9E82-1F7DBA3BA3CC}] => (Allow) C:\Users\zilje\AppData\Roaming\Zoom\bin\airhost.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [{F994057C-DA9B-4F1D-B964-14D284F69827}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{B0DD30E5-9200-45F2-858A-D45D7504A36E}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\VideoEditor.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{C38EAABD-0484-4D22-BBC2-79357DEC3279}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{C6A5989F-29A1-45D1-B702-67E1F3DE4356}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Activation.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{E298095A-76EB-4168-AF6C-6B35757E5085}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{665D9CB6-7B4E-4843-A365-1C98E5C0DB08}] => (Allow) C:\Program Files\FlashIntegro\VideoEditor\Updater.exe (Vector Ltd. -> Flash-Integro LLC)
FirewallRules: [{A5485354-43BA-436B-B8ED-23DCB68ACEFF}] => (Allow) LPort=5354
FirewallRules: [{9A963C7E-38E4-422D-9500-02616DA100E2}] => (Allow) LPort=5354
FirewallRules: [{CEF339FF-953A-4231-85BF-07EC19999D04}] => (Allow) LPort=5354
FirewallRules: [{77A9CC4A-C38C-4B5B-9783-5986177BC730}] => (Allow) LPort=5354
FirewallRules: [{1EFAFDE1-2D29-4180-93D5-F3CD80D021CF}] => (Allow) C:\ProgramData\Sony Mobile\Update Engine\{D2FDDCF3-9326-4088-BB0A-EADFD47D1DF7}\Sony Mobile Update Engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{21B1F432-1C91-4F48-8BEB-CF5696923FEF}] => (Allow) C:\ProgramData\Sony Mobile\Update Engine\{D2FDDCF3-9326-4088-BB0A-EADFD47D1DF7}\Sony Mobile Update Engine.exe (Sony Mobile Communications AB -> )
FirewallRules: [{63051DE7-D99C-4A07-B5CA-D0FAB8AE7571}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{2F584720-2971-4088-A637-4C5F718B487E}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{5622DBC5-42FA-4406-B4C7-4E76B7811CAB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{ABBFF184-8C1E-49C2-8998-9F5EC50B5624}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{99396905-B912-4F51-A35A-25E56AFC22F2}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{38913432-AC42-4F16-8067-210B36277071}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{499EB782-05B8-405E-8E2F-554CC25F1F7A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.74.152.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{012A9606-2BBA-4357-B433-5C708CE023D0}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9E408DF2-2EB8-4868-8DB1-0BCA5601BDAB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{FF8425AF-F738-46EE-8FC6-C4CBDB058E05}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A232F825-FF6F-40CA-B0A2-3C48B1C5C0CB}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{D39773D3-9343-45F1-B7A8-F3C2B53F4956}C:\users\zilje\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\zilje\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{2D8B2EE1-BD5A-4ACE-AB41-603DF8AF9746}C:\users\zilje\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\zilje\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{CCB6E1FC-D15C-47E8-9966-E9BD81275016}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{7319559C-86D0-4C35-94D1-20E9F6C108F9}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{34B1580B-EA74-44CA-A71D-F00B8D244ECC}] => (Allow) C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanion.exe (Sony Nordic (Sweden), Filial till Sony Europe B.V.(NL) -> Sony)
FirewallRules: [{FBC5DB36-7655-4C0E-AB8E-3B4B593479B5}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{DBA85A6E-B8DA-4F69-964F-0A9E58FDD4B9}] => (Block) C:\Program Files\AVAST Software\Avast\AvastUI.exe (Avast Software s.r.o. -> AVAST Software)
FirewallRules: [{0EE8ECA1-6C0B-4EF1-BE07-637E0090CF35}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{86992FF0-7E53-43D2-9E34-17BD761294E1}C:\users\zilje\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\zilje\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [UDP Query User{A0012941-B3CB-404C-BB69-CCA494D7C61F}C:\users\zilje\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\zilje\appdata\local\microsoft\teams\current\teams.exe => No File
FirewallRules: [{364656B9-EB3A-47B7-AE3F-6AA3E20590AE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{87ADA600-CDA1-41CE-9AFD-599AD882EA71}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{3C91F8A4-DBF1-40EE-A071-CECB5D085ECC}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\94.0.992.47\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-10-2021 10:34:54 Installationsprogram til Windows-moduler
15-10-2021 10:42:55 Installationsprogram til Windows-moduler
16-10-2021 09:23:27 Removed EPUB Converter 20.8.1.
16-10-2021 10:38:21 Removed Python 2.7.8 (64-bit)
16-10-2021 10:44:03 HPSF Applying updates

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (10/16/2021 10:47:25 AM) (Source: Microsoft-Windows-PerfNet) (EventID: 2004) (User: LAPTOP-VBPC1UMB)
Description: Ydelsesobjektet for servertjenesten kan ikke åbnes. De første fire byte (DWORD) af dataafsnittet indeholder statuskoden.

Error: (10/16/2021 09:02:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: FRST64.exe, version: 12.10.2021.0, tidsstempel: 0x616540ad
Navn på modul med fejl: FRST64.exe, version: 12.10.2021.0, tidsstempel: 0x616540ad
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x0000000000026629
Proces-id 0x391c
Programmets starttidspunkt 0x01d7c25ba30b4a61
Programsti: C:\Users\zilje\Downloads\FRST64.exe
Modulsti: C:\Users\zilje\Downloads\FRST64.exe
Rapport-id: 3a33949f-ba2e-45ce-9004-640102e23614
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

Error: (10/16/2021 08:47:21 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: YouTubeDownloader.exe, version: 4.6.1037.0, tidsstempel: 0x5d7f99fe
Navn på modul med fejl: accessibility_sdk_64.dll, version: 0.0.0.0, tidsstempel: 0x5d2f1619
Undtagelseskode: 0xc000041d
Forskydning med fejl 0x0000000000010ad3
Proces-id 0xfe4
Programmets starttidspunkt 0x01d7c2591e0f6c89
Programsti: C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe
Modulsti: C:\Program Files (x86)\YouTube Downloader\accessibility_sdk_64.dll
Rapport-id: 68aa00aa-c8db-4df6-bbe1-03f92cf6bafe
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

Error: (10/16/2021 08:47:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: YouTubeDownloader.exe, version: 4.6.1037.0, tidsstempel: 0x5d7f99fe
Navn på modul med fejl: accessibility_sdk_64.dll, version: 0.0.0.0, tidsstempel: 0x5d2f1619
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x0000000000010ad3
Proces-id 0xfe4
Programmets starttidspunkt 0x01d7c2591e0f6c89
Programsti: C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe
Modulsti: C:\Program Files (x86)\YouTube Downloader\accessibility_sdk_64.dll
Rapport-id: 14784782-9f6e-4b39-99dd-e5f07f9ec5ab
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

Error: (10/16/2021 08:47:17 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Program: YouTubeDownloader.exe
Framework-version: v4.0.30319
Beskrivelse: Denne proces blev afsluttet pga. en ubehandlet undtagelse.
Undtagelsesoplysninger: undtagelseskoden c0000005, undtagelsesadressen 00007FFEF68F0AD3

Error: (10/16/2021 01:20:31 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (10/15/2021 10:36:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: YouTubeDownloader.exe, version: 4.6.1037.0, tidsstempel: 0x5d7f99fe
Navn på modul med fejl: accessibility_sdk_64.dll, version: 0.0.0.0, tidsstempel: 0x5d2f1619
Undtagelseskode: 0xc000041d
Forskydning med fejl 0x0000000000010ad3
Proces-id 0x23bc
Programmets starttidspunkt 0x01d7c19f26609cbe
Programsti: C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe
Modulsti: C:\Program Files (x86)\YouTube Downloader\accessibility_sdk_64.dll
Rapport-id: f042615f-c197-4612-9f87-7f85dbb4560f
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:

Error: (10/15/2021 10:36:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Navn på program med fejl: YouTubeDownloader.exe, version: 4.6.1037.0, tidsstempel: 0x5d7f99fe
Navn på modul med fejl: accessibility_sdk_64.dll, version: 0.0.0.0, tidsstempel: 0x5d2f1619
Undtagelseskode: 0xc0000005
Forskydning med fejl 0x0000000000010ad3
Proces-id 0x23bc
Programmets starttidspunkt 0x01d7c19f26609cbe
Programsti: C:\Program Files (x86)\YouTube Downloader\YouTubeDownloader.exe
Modulsti: C:\Program Files (x86)\YouTube Downloader\accessibility_sdk_64.dll
Rapport-id: 4f55bbe5-f2f5-4497-8a1b-a2d3ad96a8d5
Fuldt navn på program med fejl:
Relativt program-id for program med fejl:


System errors:
=============
Error: (10/16/2021 10:49:15 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Fejlen "1115" opstod på DCOM under forsøg på at starte tjenesten wuauserv med argumenterne "Ikke tilgængelig" for at køre serveren:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Error: (10/16/2021 10:49:14 AM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Fejlen "1115" opstod på DCOM under forsøg på at starte tjenesten BITS med argumenterne "Ikke tilgængelig" for at køre serveren:
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (10/16/2021 10:49:04 AM) (Source: DCOM) (EventID: 10010) (User: LAPTOP-VBPC1UMB)
Description: Serveren {9BA05972-F6A8-11CF-A442-00A0C90A8F39} blev ikke registreret af DCOM inden for det specificerede tidsrum.

Error: (10/16/2021 08:40:06 AM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-VBPC1UMB)
Description: Fejlen "1053" opstod på DCOM under forsøg på at starte tjenesten BcastDVRUserService_762d887 med argumenterne "Ikke tilgængelig" for at køre serveren:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (10/16/2021 08:40:06 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten GameDVR og udsend brugertjeneste_762d887 kunne ikke starte pga. følgende fejl:
Tjenesten svarede ikke på en start- eller kontrolanmodning inden for det forventede tidsinterval.

Error: (10/16/2021 08:40:06 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Der opstod timeout (30000 millisekunder), mens systemet ventede på, at der blev oprettet forbindelse til tjenesten GameDVR og udsend brugertjeneste_762d887.

Error: (10/14/2021 10:11:14 PM) (Source: DCOM) (EventID: 10005) (User: LAPTOP-VBPC1UMB)
Description: Fejlen "1053" opstod på DCOM under forsøg på at starte tjenesten BcastDVRUserService_d5d5d med argumenterne "Ikke tilgængelig" for at køre serveren:
Windows.Media.Capture.Internal.AppCaptureShell

Error: (10/14/2021 10:11:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten GameDVR og udsend brugertjeneste_d5d5d kunne ikke starte pga. følgende fejl:
Tjenesten svarede ikke på en start- eller kontrolanmodning inden for det forventede tidsinterval.


CodeIntegrity:
===============
Date: 2021-10-16 11:01:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\x86\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-10-16 10:56:35
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVAST Software\Avast\AvastSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\setup\uat_3056.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-10-16 10:51:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2021-10-16 10:50:47
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVAST Software\Avast\aswAMSI.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Insyde F.52 05/02/2019
Motherboard: HP 8213
Processor: Intel(R) Core(TM) i5-7200U CPU @ 2.50GHz
Percentage of memory in use: 66%
Total physical RAM: 8077.22 MB
Available physical RAM: 2721.11 MB
Total Virtual: 18424.96 MB
Available Virtual: 12842.84 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:222.19 GB) (Free:29.67 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.23 GB) (Free:0.95 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{aea53229-982d-47c4-bc53-8f0c39f82b37}\ () (Fixed) (Total:1.77 GB) (Free:0.87 GB) NTFS
\\?\Volume{987de829-a033-4050-b0d9-192ac5e43b00}\ () (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: BE0DAE1F)

Partition: GPT.

==================== End of Addition.txt =======================
 
I don't see anything malicious there.
The error message is most likely due to some problems with Adobe Acrobat extension.
Try to disable it and see if the error still occurs.
 
Broni said:
I don't see anything malicious there.
The error message is most likely due to some problems with Adobe Acrobat extension.
Try to disable it and see if the error still occurs.
Click to expand...
You are a hero - it works now!
Thank you so much for your help
 
You must log in or register to reply here.

Similar threads

uber_beetle
Infected with fake ad pop-ups - posting FRST and Addition
Replies
12
Views
783
uber_beetle
uber_beetle
A
Infected: Antivirus says it's Trojan:Script/Wacatac.H!ml
Replies
12
Views
2K
adidaman27
A
wshknwntlprtmn
  • Locked
Inactive Not sure what's going on here....
Replies
12
Views
2K
Broni
Broni

Latest posts

Back