Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-12-2019 Ran by kimbr (26-12-2019 15:59:36) Running from C:\Users\kimbr\Desktop Windows 10 Pro Version 1903 18362.418 (X64) (2019-07-16 11:47:29) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-1124031235-3600867453-2217850625-500 - Administrator - Disabled) Gjest (S-1-5-21-1124031235-3600867453-2217850625-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1124031235-3600867453-2217850625-1003 - Limited - Enabled) kimbr (S-1-5-21-1124031235-3600867453-2217850625-1001 - Administrator - Enabled) => C:\Users\kimbr postgres (S-1-5-21-1124031235-3600867453-2217850625-1006 - Limited - Enabled) => C:\Users\postgres Standardkonto (S-1-5-21-1124031235-3600867453-2217850625-503 - Limited - Disabled) WDAGUtilityAccount (S-1-5-21-1124031235-3600867453-2217850625-504 - Limited - Disabled) ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 7-Zip 18.05 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1805-000001000000}) (Version: 18.05.00.0 - Igor Pavlov) Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.303 - Adobe) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.303 - Adobe) Any Video Converter 6.2.0 (HKLM-x32\...\Any Video Converter) (Version: 6.2.0 - Anvsoft) ApexDC++ 1.6.5 (HKLM\...\{43D1A6DC-F2D3-4EBC-8851-CC8B9C0C8763}_is1) (Version: 1.6.5 - ApexDC++ Development Team) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.14 - Michael Tippach) ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.7.4 - ASUS) AVG Zen (HKLM\...\{887BEDEC-71C1-4EB5-8C4A-81A87D05024D}) (Version: 1.82.2 - AVG Technologies) Hidden AVS Audio Converter 8.1.1 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.1.1.549 - Online Media Technologies Ltd.) calibre (HKLM-x32\...\{7303645B-7FEE-4435-887C-20F58362A18F}) (Version: 2.73.0 - Kovid Goyal) Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version: - Canon Inc.) Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version: - ) Canon Quick Menu (HKLM-x32\...\CanonQuickMenu) (Version: 2.7.0 - Canon Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.63 - Piriform) CD Recovery Toolbox Free 2.2 (HKLM-x32\...\CD Recovery Toolbox Free_is1) (Version: - File Master LLC) CDisplayEx 1.10.29 (HKLM\...\CDisplayEx_is1) (Version: - Progdigy Software S.A.R.L.) ComicRack v0.9.178 (HKLM\...\ComicRack) (Version: v0.9.178 - cYo Soft) COMODO Cloud Antivirus (HKLM-x32\...\{9E04F23D-3E2E-4A62-AEBF-8BC952440168}) (Version: 1.16.650.0 - COMODO) Hidden COMODO Cloud Antivirus (HKLM-x32\...\{9E04F23D-3E2E-4A62-AEBF-8BC952458953}) (Version: 1.21.792.0 - COMODO) Hidden COMODO Cloud Antivirus (HKLM-x32\...\{9E04F23D-3E2E-4A62-AEBF-8BC952465847}) (Version: 1.21.842.0 - COMODO) Hidden COMODO Cloud Antivirus (HKLM-x32\...\COMODO Cloud Antivirus_list_uninstall) (Version: 1.21.465847.842 - COMODO) Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 49.13.20.400 - Comodo) Core Temp 1.14 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.14 - ALCPU) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden Doraemon Story of Seasons (HKLM-x32\...\Doraemon Story of Seasons_is1) (Version: - ) Dreamfall Chapters: The Final Cut (HKLM-x32\...\Dreamfall Chapters: The Final Cut_is1) (Version: - ) DriveHUD (HKLM-x32\...\{C2B7BD70-34ED-4F79-BD27-A20DFA34F104}) (Version: 1.4.2159 - Ace Poker Solutions) Hidden DVD Profiler Version 3.9.1 (HKLM-x32\...\InvelosDVDProfiler_is1) (Version: - ) EaseUS Partition Master 13.5 (HKLM-x32\...\EaseUS Partition Master_is1) (Version: - EaseUS) Emby Server (HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\Emby Server) (Version: 4.0 - Emby Team) Epic Games Launcher (HKLM-x32\...\{0E63B233-DC24-442C-BD38-0B91D90FEC5B}) (Version: 1.1.167.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Evernote v. 6.21.2 (HKLM-x32\...\{50BD5F92-DB34-11E9-A489-005056951CAD}) (Version: 6.21.2.8716 - Evernote Corp.) Exact Audio Copy 1.1 (HKLM-x32\...\Exact Audio Copy) (Version: 1.1 - Andre Wiethoff) ExpressVPN (HKLM-x32\...\{582c2bdb-cc56-4f77-a3a6-6868c1d4e24b}) (Version: 7.2.2.8912 - ExpressVPN) ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B846ED9A01}) (Version: 7.2.2.8912 - ExpressVPN) Hidden FileZilla Client 3.44.2 (HKLM-x32\...\FileZilla Client) (Version: 3.44.2 - Tim Kosse) FMW 1 (HKLM\...\{4E053706-596F-4844-91E3-C925E5E1B55C}) (Version: 1.112.3 - AVG Technologies) Hidden foobar2000 v1.3.10 (HKLM-x32\...\foobar2000) (Version: 1.3.10 - Peter Pawlowski) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.0.29455 - Foxit Software Inc.) FreeCommander XE (HKLM-x32\...\FreeCommander XE_is1) (Version: - Marek Jasinski) Frostpunk (HKLM-x32\...\Frostpunk_is1) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC) Google Chrome (HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\Google Chrome) (Version: 79.0.3945.88 - Google LLC) Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.421 - Google LLC) Hidden Hakchi2 CE (HKLM-x32\...\Hakchi2 CE) (Version: - Team Shinkansen) Hetman Partition Recovery 2.8 (HKLM-x32\...\Hetman Partition Recovery) (Version: - ) Hitman 2 Gold Edition MULTi12 - ElAmigos version 2.10.1 (HKLM-x32\...\{45F82E0A-D0E3-49A0-AAC0-1DB8E51A0480}_is1) (Version: 2.10.1 - Warner Bros Interactive) IObit Uninstaller 8 (HKLM-x32\...\IObitUninstall) (Version: 8.3.0.11 - IObit) Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) Java 8 Update 231 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180231F0}) (Version: 8.0.2310.11 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden LAV Filters 0.63.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.63.0 - Hendrik Leppkes) LibreOffice 6.0.3.2 (HKLM\...\{9739EFFE-C402-4A4B-AE2E-092682D1D07B}) (Version: 6.0.3.2 - The Document Foundation) MakeMKV v1.14.5 (HKLM-x32\...\MakeMKV) (Version: v1.14.5 - GuinpinSoft inc) Malwarebytes version 4.0.4.49 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.0.4.49 - Malwarebytes) Microsoft .NET Core Runtime - 3.0.0 (x64) (HKLM-x32\...\{79b1fbff-b66d-4a42-83f3-f471437849aa}) (Version: 3.0.0.28117 - Microsoft Corporation) Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation) Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\OneDriveSetup.exe) (Version: 19.192.0926.0012 - Microsoft Corporation) Microsoft Project Professional 2019 - en-us (HKLM\...\ProjectPro2019Retail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation) Microsoft Visio Professional 2019 - en-us (HKLM\...\VisioPro2019Retail - en-us) (Version: 16.0.12228.20364 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.23.27820 (HKLM-x32\...\{852adda4-4c78-4a38-b583-c0b360a329d6}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.23.27820 (HKLM-x32\...\{45231ab4-69fd-486a-859d-7a59fcd11013}) (Version: 14.23.27820.0 - Microsoft Corporation) Microsoft Windows Desktop Runtime - 3.0.0 (x64) (HKLM-x32\...\{b86e696f-94f8-4ff3-a0e7-a12f4f9194d3}) (Version: 3.0.0.28117 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation) MiniTool Power Data Recovery 8.5 (HKLM\...\{E1BCD081-4BF4-4E2F-832A-911EC42EF3C5}_is1) (Version: 8.5 - MiniTool Software Limited) Mp3tag v2.95 (HKLM-x32\...\Mp3tag) (Version: 2.95 - Florian Heidenreich) MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 6.2.0.83 - MSI) My Time at Portia (HKLM-x32\...\My Time at Portia_is1) (Version: - ) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.3 - Notepad++ Team) NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.19 - NVIDIA Corporation) Hidden NVIDIA Driver for HD-lyd 1.3.38.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.21 - NVIDIA Corporation) NVIDIA GeForce Experience 3.20.0.118 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.20.0.118 - NVIDIA Corporation) NVIDIA Grafikkdriver 436.48 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 436.48 - NVIDIA Corporation) NVIDIA PhysX systemprogramvare 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.12228.20364 - Microsoft Corporation) Hidden OpenOffice 4.1.5 (HKLM-x32\...\{708F0253-F566-48F3-9B88-06F48F16548B}) (Version: 4.15.9789 - Apache Software Foundation) OrangeCD Suite version 6.5.7 (HKLM-x32\...\OrangeCD Suite_is1) (Version: - Codium Labs LLC) Plex Media Server (HKLM-x32\...\{11adedc6-abd6-4c3e-a37b-5d2c3159714c}) (Version: 1.16.3.1402 - Plex, Inc.) Plex Media Server (HKLM-x32\...\{51928EFC-2EBA-4CC2-8F0B-35AB3B96F1D2}) (Version: 1.16.1402 - Plex, Inc.) Hidden PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group) Progress Telerik Fiddler (HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\Fiddler2) (Version: 5.0.20192.25091 - Telerik) qBittorrent 4.1.7 (HKLM-x32\...\qBittorrent) (Version: 4.1.7 - The qBittorrent project) QuiteRSS version 0.18.9 (HKLM-x32\...\{372E76B7-3389-4057-B06A-53B104094844}_is1) (Version: 0.18.9 - QuiteRSS Team) Railroad Corporation (HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\Railroad Corporation) (Version: - HOODLUM) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.24.1208.2017 - Realtek) R-Linux 5.6 (HKLM-x32\...\R-Linux 5.6NSIS) (Version: 5.6.173595 - R-Tools Technology Inc.) R-Studio 8.10 (HKLM-x32\...\R-Studio 8.10NSIS) (Version: 8.10.173987 - R-Tools Technology Inc.) Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Screenshot Captor 4.16.1 (HKLM-x32\...\ScreenshotCaptor_is1) (Version: - ) Skype versjon 8.53 (HKLM-x32\...\Skype_is1) (Version: 8.53 - Skype Technologies S.A.) Slack (HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\slack) (Version: 4.2.0 - Slack Technologies Inc.) Snagit 13 (HKLM-x32\...\{2D2045B7-AF91-409C-87F6-99E263CDC13F}) (Version: 13.0.3 - TechSmith Corporation) Hidden Snagit 13 (HKLM-x32\...\{f29bb215-650d-41d0-bf32-cf9a4dc25055}) (Version: 13.0.3.7011 - TechSmith Corporation) Sniper Ghost Warrior Contracts (HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\Sniper Ghost Warrior Contracts) (Version: - HOODLUM) Spotify (HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\Spotify) (Version: 1.1.18.611.g9cc9bdc9 - Spotify AB) Spyder2express (HKLM-x32\...\Spyder2express) (Version: - ) Stardew Valley (HKLM-x32\...\1453375253_is1) (Version: 2.4.0.6 - GOG.com) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stopping Plex (HKLM-x32\...\{D4E8F43C-F61F-4A10-87B3-86F3018F8982}) (Version: 1.16.1402 - Plex, Inc.) Hidden Surviving Mars (HKLM-x32\...\2129244347_is1) (Version: 228,184 - GOG.com) Tag&Rename 3.9.5 (HKLM-x32\...\Tag&Rename_is1) (Version: 3.9.5 - Softpointer Inc) TeaTV version 1.5.0 (HKLM-x32\...\{A8C3DF97-73C2-479D-9B75-3DFA3FC6DEB1}_is1) (Version: 1.5.0 - TeaTV) Telegram Desktop version 1.8.15 (HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.8.15 - Telegram FZ-LLC) TomTom MyDrive Connect 4.2.5.3770 (HKLM-x32\...\MyDriveConnect) (Version: 4.2.5.3770 - TomTom) Transport Fever 2 (HKLM-x32\...\Transport Fever 2_is1) (Version: - ) TuneUp 3.0.0.35 (HKLM-x32\...\TuneUpMedia) (Version: 3.0.0.35 - TuneUp Media, Inc.) TurboTipp2017Privat (HKLM-x32\...\{5B50E924-1574-419E-8946-360A7CA77B5F}) (Version: 1.00.0000 - Turbotipp AS) Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C3ACFCEA-240F-4DCC-A0C3-DD55FEE6C3C2}) (Version: 2.58.0.0 - Microsoft Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.8 - VideoLAN) Windows Driver Package - Disc Soft Ltd (dtlitescsibus) SCSIAdapter (09/24/2015 5.28.0.0) (HKLM\...\4EB6CA6F52DDDFB1FA28A8532572B8797944D732) (Version: 09/24/2015 5.28.0.0 - Disc Soft Ltd) Windows Driver Package - Disc Soft Ltd (dtliteusbbus) USB (12/28/2015 3.04.0.0) (HKLM\...\8D3A5207780123D5CB48E030DC557E7059C03DA3) (Version: 12/28/2015 3.04.0.0 - Disc Soft Ltd) Windows Driver Package - Intel (MEIx64) System (07/07/2015 11.0.0.1157) (HKLM\...\0B20AD533A71C19F1C9AC8BB34246A06D7EAD201) (Version: 07/07/2015 11.0.0.1157 - Intel) Windows Driver Package - Logitech (HidUsb) HIDClass (08/31/2012 1.10.77.0) (HKLM\...\13ECE5626C3448D53FE44D4B60E741FD0ED74C53) (Version: 08/31/2012 1.10.77.0 - Logitech) Windows Driver Package - NVIDIA (nvlddmkm) Display (10/27/2017 23.21.13.8813) (HKLM\...\E1F6A38AAEE6AFF5FB642EB83703503D0855954E) (Version: 10/27/2017 23.21.13.8813 - NVIDIA) Windows Driver Package - NVIDIA Corporation (NVHDA) MEDIA (10/27/2017 1.3.35.1) (HKLM\...\47E524773B97C7B9B8CB1F5A929FFF07B9C0D239) (Version: 10/27/2017 1.3.35.1 - NVIDIA Corporation) Windows Driver Package - TAP Provider V9 for Private Tunnel (ptun0901) Net (04/21/2016 9.00.00.21) (HKLM\...\DCB0C54C405F3DC173006A74EB5E52D68FB6A254) (Version: 04/21/2016 9.00.00.21 - TAP Provider V9 for Private Tunnel) Windows Driver Package - TAP-NordVPN Windows Provider V9 (tapnordvpn) Net (04/08/2014 9.00.00.21) (HKLM\...\5A7530EAC0BF57353D555681D8107D0DD8854D2B) (Version: 04/08/2014 9.00.00.21 - TAP-NordVPN Windows Provider V9) Windows Driver Package - TAP-Windows Provider V9 (tap0901) Net (04/21/2016 9.00.00.21) (HKLM\...\94A5CE8ED7633ED77531B6CB14CEB1927C5CAE1F) (Version: 04/21/2016 9.00.00.21 - TAP-Windows Provider V9) Windows Driver Package - TunnelBear Provider V9 (tap-tb-0901) Net (07/02/2012 9.00.00.9) (HKLM\...\FA663AD53A29818EAEDB36449A24A6DEB2505653) (Version: 07/02/2012 9.00.00.9 - TunnelBear Provider V9) WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH) WinSCP 5.13.3 (HKLM-x32\...\winscp3_is1) (Version: 5.13.3 - Martin Prikryl) Packages: ========= Batman: The Enemy Within - The Telltale Series -> C:\Program Files\WindowsApps\TelltaleGames.BatmanTheEnemyWithin-TheTelltaleSeri_1.0.5.0_x64__4p9dzwrngadje [2019-11-15] (Telltale Games) Batman: The Telltale Series -> C:\Program Files\WindowsApps\TelltaleGames.BatmanTheTelltaleSeries_2.0.1.0_x64__4p9dzwrngadje [2019-11-14] (Telltale Games) Cue Billiard Club: 8 Ball Pool & Snooker -> C:\Program Files\WindowsApps\2724ZOLTNGUBICS.SKYCUECLUB89BALLPOOLBILLIARDSSNOOK_1.4.7.0_x86__d5xggy273m32g [2019-11-12] (Zoltán Gubics) [MS Ad] iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa [2019-12-14] (Apple Inc.) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad] Microsoft Eksternt skrivebord -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.1.1107.0_x86__8wekyb3d8bbwe [2019-09-06] (Microsoft Corporation) Microsoft News: Nyheter fra norske medier -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad] Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-13] (Microsoft Studios) [MS Ad] MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad] MSN Vær -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad] MSN Økonomi -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.34.13393.0_x64__8wekyb3d8bbwe [2019-12-18] (Microsoft Corporation) [MS Ad] Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.95.602.0_x64__mcm4njqhnhss8 [2019-10-25] (Netflix, Inc.) Storytel -> C:\Program Files\WindowsApps\Storytel.Storytel_2017.9.21.0_x64__j612155g63ybe [2019-06-16] (Storytel) Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-1124031235-3600867453-2217850625-1001_Classes\CLSID\{540C17A8-04F2-4B66-95D7-B2FEF9A19B54}\InprocServer32 -> C:\Users\kimbr\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-1124031235-3600867453-2217850625-1001_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\kimbr\AppData\Local\Google\Chrome\Application\79.0.3945.88\notification_helper.exe (Google LLC -> Google LLC) CustomCLSID: HKU\S-1-5-21-1124031235-3600867453-2217850625-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\kimbr\AppData\Local\Google\Update\1.3.35.422\psuser_64.dll (Google LLC -> Google LLC) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2017-01-01] (Notepad++ -> ) ContextMenuHandlers1: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers1: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-04-18] (Florian Heidenreich) [File not signed] ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed] ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 13\DLLx64\SnagitShellExt64.dll [2016-10-10] (TechSmith Corporation -> TechSmith Corporation) ContextMenuHandlers1: [TagRenameShellExt] -> {B806EC81-446D-40C8-A955-315B8519E938} => C:\Program Files (x86)\TagRename\TRShell64.dll [2015-05-12] (Softpointer Inc -> Sofpointer Inc) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers2: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-04-18] (Florian Heidenreich) [File not signed] ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers4: [Mp3tagShell] -> {6351E20C-35FA-4BE3-98FB-4CABF1363E12} => C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll [2019-04-18] (Florian Heidenreich) [File not signed] ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 13\DLLx64\SnagitShellExt64.dll [2016-10-10] (TechSmith Corporation -> TechSmith Corporation) ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-09-27] (NVIDIA Corporation -> NVIDIA Corporation) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2018-04-30] (Igor Pavlov) [File not signed] ContextMenuHandlers6: [Comodo Cloud Antivirus] -> {299C868F-0FB0-46B2-8973-205982E04C7D} => C:\Program Files (x86)\COMODO\COMODO Cloud Antivirus\ccavhelper64.dll [2018-11-06] (Comodo Security Solutions, Inc. -> COMODO) ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd -> Piriform Ltd) ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\ConvertToPDFShellExtension_x64.dll [2019-09-23] (FOXIT SOFTWARE INC. -> Foxit Software Inc.) ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2018-07-21] (IObit Information Technology -> IObit) ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-12-26] (Malwarebytes Corporation -> Malwarebytes) ContextMenuHandlers6: [TagRenameShellExt] -> {B806EC81-446D-40C8-A955-315B8519E938} => C:\Program Files (x86)\TagRename\TRShell64.dll [2015-05-12] (Softpointer Inc -> Sofpointer Inc) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) Shortcut: C:\Users\kimbr\AppData\Roaming\Microsoft\Windows\Start Menu\Emby\Emby Server Dashboard.lnk -> hxxp://localhost:8096/web/dashboard.htm ShortcutWithArgument: C:\Users\kimbr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default ShortcutWithArgument: C:\Users\kimbr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\395fbb84ca74fb25\Dragon.lnk -> C:\Program Files (x86)\Comodo\Dragon\dragon.exe (Comodo) -> --profile-directory=Default ==================== Loaded Modules (Whitelisted) ============= 2018-04-25 10:14 - 2014-07-22 10:00 - 000172032 _____ () [File not signed] c:\postgreSQL\bin\LIBPQ.dll 2018-04-25 10:14 - 2012-08-14 14:19 - 000999424 _____ () [File not signed] c:\postgreSQL\bin\libxml2.dll 2018-12-11 15:21 - 2017-08-02 14:48 - 000237568 _____ () [File not signed] C:\Program Files (x86)\MSI\Gaming APP\LEDControl.dll 2018-12-11 15:21 - 2015-06-23 16:41 - 000082432 _____ (Fintek) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\FintekUSBDll.dll 2019-04-18 09:31 - 2019-04-18 09:31 - 000424448 _____ (Florian Heidenreich) [File not signed] C:\Program Files (x86)\Mp3tag\Mp3tagShell64.dll 2018-04-25 10:14 - 2006-05-03 21:57 - 000888832 _____ (Free Software Foundation) [File not signed] c:\postgreSQL\bin\iconv.dll 2018-04-25 10:14 - 2009-01-06 15:51 - 000968886 _____ (Free Software Foundation) [File not signed] c:\postgreSQL\bin\libiconv-2.dll 2018-04-25 10:14 - 2009-01-06 15:51 - 000083906 _____ (Free Software Foundation) [File not signed] c:\postgreSQL\bin\libintl-8.dll 2018-04-30 16:00 - 2018-04-30 16:00 - 000075776 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll 2018-04-25 10:14 - 2009-04-13 13:23 - 000012288 _____ (Massachusetts Institute of Technology.) [File not signed] c:\postgreSQL\bin\comerr32.dll 2018-04-25 10:14 - 2009-04-13 13:23 - 000135168 _____ (Massachusetts Institute of Technology.) [File not signed] c:\postgreSQL\bin\gssapi32.dll 2018-04-25 10:14 - 2009-04-13 13:23 - 000019968 _____ (Massachusetts Institute of Technology.) [File not signed] c:\postgreSQL\bin\k5sprt32.dll 2018-04-25 10:14 - 2009-04-13 13:23 - 000634880 _____ (Massachusetts Institute of Technology.) [File not signed] c:\postgreSQL\bin\krb5_32.dll 2018-04-25 10:14 - 2008-04-08 15:13 - 000348160 _____ (Microsoft Corporation) [File not signed] c:\postgreSQL\bin\MSVCR71.dll 2019-07-16 13:21 - 2019-07-16 13:21 - 000113664 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8a1dd9552ed7f8d8\ATL80.DLL 2016-05-16 22:07 - 2015-04-06 15:05 - 000151376 _____ (Online Media Technologies Ltd. -> Online Media Technologies Ltd.) [File not signed] C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll 2018-04-25 10:14 - 2014-06-09 12:44 - 001163264 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] c:\postgreSQL\bin\LIBEAY32.dll 2018-04-25 10:14 - 2014-06-09 12:44 - 000286720 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] c:\postgreSQL\bin\SSLEAY32.dll 2018-12-11 15:21 - 2016-10-03 13:43 - 000399872 _____ (TODO: <公司名稱>) [File not signed] C:\Program Files (x86)\MSI\Gaming APP\Lib\SDKDLL.dll ==================== Alternate Data Streams (Whitelisted) ======== (If an entry is included in the fixlist, only the ADS will be removed.) AlternateDataStreams: C:\Users\Public\AppData:CSM [476] ==================== Safe Mode (Whitelisted) ================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-10-30 08:24 - 2019-10-23 17:19 - 000000761 _____ C:\WINDOWS\system32\drivers\etc\hosts 127.0.0.1 localhost 2017-10-12 01:08 - 2017-10-12 01:11 - 000000523 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics 192.168.137.153 android-7b454000d247c69b.mshome.net # 2017 10 4 19 0 11 26 358 192.168.137.1 DESKTOP-13Q9QE5.mshome.net # 2022 10 2 11 0 11 26 358 ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> %SystemRoot%\system32\WBEM;C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Calibre2\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\Smart Projects\IsoBuster;C:\Users\kimbr\AppData\Local\Betfair Poker\data\QT;C:\Users\kimbr\AppData\Local\Betfair Poker\data\OpenSSL;C:\Users\kimbr\AppData\Local\Microsoft\WindowsApps;C:\Users\kimbr\AppData\Local\Programs\Fiddler;C:\Program Files\dotnet\ HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\kimbr\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper HKU\S-1-5-21-1124031235-3600867453-2217850625-1006\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg DNS Servers: 148.122.164.253 - 148.122.16.253 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\Services: ClickToRunSvc => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: TechSmith Uploader Service => 2 MSCONFIG\Services: WMPNetworkSvc => 2 HKLM\...\StartupApproved\Run32: => "wgpro" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-1124031235-3600867453-2217850625-1001\...\StartupApproved\Run: => "eM Client" ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{1356D32B-FB55-48D1-A165-CB86BFED6ADB}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{968AE6E1-3FFB-4F4C-B412-4120454948A0}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{1FBDE811-2181-4205-BA5D-4BC6772BBBE5}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [{DE20DD19-2EB7-4A06-ABA6-A9EEF22CE798}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe () [File not signed] FirewallRules: [TCP Query User{995C66E5-45CF-411F-95C8-D7EB0679B7B1}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [UDP Query User{B4093ED0-34B4-4E66-89CA-33DE53A9A353}C:\program files (x86)\plex\plex media server\plex media server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex media server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [TCP Query User{6D16E1BC-159A-4383-B652-D1A5606DA47D}C:\users\kimbr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kimbr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [UDP Query User{EB2A18DE-14BC-4292-8B3F-32E1198AF684}C:\users\kimbr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\kimbr\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd) FirewallRules: [TCP Query User{AF2FA5DC-7F45-4F36-82D5-D1B7DFECB53B}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [UDP Query User{050F0777-C125-4530-8DF3-72157CD455C4}C:\program files (x86)\plex\plex media server\plex dlna server.exe] => (Allow) C:\program files (x86)\plex\plex media server\plex dlna server.exe (Plex, Inc -> Plex, Inc.) FirewallRules: [{F46D384F-ED44-4882-9353-B71C5DC159F0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{C8791B85-BE0D-4552-9861-F0B0615B2F98}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation) FirewallRules: [{A3181227-DA71-47F1-8B7A-97F8AFC6064F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [{7A98E883-7CE1-4E2F-BE8F-15B8DE9C2BEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation) FirewallRules: [TCP Query User{4FDD77C8-7685-421F-B6B6-61DEDAF397BA}C:\users\kimbr\appdata\roaming\emby-server\system\embyserver.exe] => (Allow) C:\users\kimbr\appdata\roaming\emby-server\system\embyserver.exe (Emby LLC -> Emby) FirewallRules: [UDP Query User{2524A4BE-C9E5-4CB1-A49A-1DDF08871151}C:\users\kimbr\appdata\roaming\emby-server\system\embyserver.exe] => (Allow) C:\users\kimbr\appdata\roaming\emby-server\system\embyserver.exe (Emby LLC -> Emby) FirewallRules: [TCP Query User{EEBE49B4-2B4F-43C1-A8C1-173BFAEA04DE}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed] FirewallRules: [UDP Query User{6E83C576-6C93-4A18-A4B9-0EFF771B92F4}C:\program files\comicrack\comicrack.exe] => (Allow) C:\program files\comicrack\comicrack.exe () [File not signed] FirewallRules: [{9D26E237-B9BF-4923-8726-C36CB362ED9A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{027D37FB-3F8D-4F61-8E93-992B52D6F396}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.) FirewallRules: [{8C170032-B41B-442A-86B6-27D7B08BEDAD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{BAB1B8A6-1F5A-488D-9165-CAD7B197724D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{5611B742-EAB1-494A-B545-59D9AD171711}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{E0DE4A76-7E5B-4918-BA83-82DC5B934157}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{2E907A69-D6B8-4871-B1D2-D21E4DB1D36E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [{227B05A4-B40D-4E50-BFFD-60076B70754C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation) FirewallRules: [TCP Query User{DE91542F-4192-494D-BB21-4DBF95AD25D8}D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe (BANDAI NAMCO Entertainment) [File not signed] FirewallRules: [UDP Query User{4897F1EA-8CA4-4BA3-986B-5FA7C71F495B}D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe] => (Allow) D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe (BANDAI NAMCO Entertainment) [File not signed] FirewallRules: [{5C56F4B0-173E-41BE-86B0-FB28547E2142}] => (Block) D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe (BANDAI NAMCO Entertainment) [File not signed] FirewallRules: [{78302C35-6DC5-4588-A6FB-5A496473D7C0}] => (Block) D:\steamlibrary\steamapps\common\the dark pictures anthology - man of medan\smg019\binaries\win64\manofmedan-win64-shipping.exe (BANDAI NAMCO Entertainment) [File not signed] FirewallRules: [{C0D3D26A-ED00-4A7A-8E67-A93698703D83}] => (Allow) D:\SteamLibrary\steamapps\common\The Dark Pictures Anthology - Man of Medan\ManOfMedan.exe (BANDAI NAMCO Entertainment) [File not signed] FirewallRules: [{BF7889BB-387F-4CBD-B837-1E9F8A48F294}] => (Allow) D:\SteamLibrary\steamapps\common\The Dark Pictures Anthology - Man of Medan\ManOfMedan.exe (BANDAI NAMCO Entertainment) [File not signed] FirewallRules: [{4C32B1C4-75A7-48D1-A12F-1AA4C9DE5300}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation) FirewallRules: [TCP Query User{F5F803C3-67C5-43E1-BFB2-AE26A08B1F4E}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Block) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed] FirewallRules: [UDP Query User{1100C924-7199-46B9-8929-7F17552B3A5E}D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe] => (Block) D:\sniper ghost warrior contracts\win_x64\sgwcontracts.exe (CI Games S.A.) [File not signed] FirewallRules: [{5DC05645-52C9-4EC0-BF05-A4F17024E183}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{64CC4864-3853-45EE-BEFD-92BBBF0BAC93}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{1490D71F-B74E-441B-B4EE-9BEBABC69BE1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{7AF2EF57-513C-4FBF-B663-66214D4065AF}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{4D860EB0-20E4-4E06-BA4B-C99207674264}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E3BDF952-04E8-4051-AD0B-B893FCEA9D7F}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{E55D7957-9521-4E11-AD01-AFD1EF3FBC21}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{C92CEC73-D477-4472-BA2E-8DAA24BA7E13}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12103.1.43048.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.) FirewallRules: [{9D0B35FB-4305-41F6-A65E-45702595892B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) FirewallRules: [{CF54F5BB-9E79-45E1-891F-2870B77EA252}] => (Allow) C:\Users\kimbr\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) ==================== Restore Points ========================= 26-12-2019 14:22:10 Windows Update ==================== Faulty Device Manager Devices ============ ==================== Event log errors: ======================== Application errors: ================== Error: (12/26/2019 03:37:47 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (2644,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/26/2019 03:20:33 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (14924,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/26/2019 03:05:16 PM) (Source: ESENT) (EventID: 455) (User: ) Description: svchost (3968,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log. Error: (12/26/2019 02:59:22 PM) (Source: SetupARService) (EventID: 0) (User: ) Description: Tjenesten kan ikke startes. System.NullReferenceException: Objektreferanse er ikke satt til en objektforekomst. ved SetupAfterRebootService.SetupARService.OnStart(String[] args) ved System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state) Error: (12/26/2019 02:59:21 PM) (Source: PostgreSQL) (EventID: 0) (User: ) Description: 2019-12-26 14:59:21 CETFATAL: the database system is starting up Error: (12/26/2019 02:32:41 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-13Q9QE5) Description: microsoft.zunemusic_8wekyb3d8bbwe-2147023446 Error: (12/26/2019 02:32:41 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: DESKTOP-13Q9QE5) Description: microsoft.microsoftedge_8wekyb3d8bbwe-2147023446 Error: (12/26/2019 02:22:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Tjenesten Cryptographic Services mislyktes under behandling av OnIdentity()-kallet i systemskriverobjektet. Details: AddCorePnPFiles : Enumerating driver store published INFs failed. System Error: Ikke nok systemressurser til å fullføre den forespurte tjenesten. . System errors: ============= Error: (12/26/2019 04:00:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET) Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x800705aa: 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903 for x64 (KB4533002). Error: (12/26/2019 03:06:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET) Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x800705aa: 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903 for x64 (KB4533002). Error: (12/26/2019 02:59:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Tjenesten luafv kan ikke starte på grunn av følgende feil: Driveren er blokkert fra lasting Error: (12/26/2019 02:58:09 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Tjenesten Windows Update avsluttet ikke riktig etter å ha mottatt en forhåndsavslutningskontroll. Error: (12/26/2019 02:32:54 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET) Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x800705aa: 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903 for x64 (KB4533002). Error: (12/26/2019 02:22:43 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET) Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x800705aa: 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903 for x64 (KB4533002). Error: (12/26/2019 01:46:31 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Skyggekopiene av volum C: ble avbrutt fordi skyggekopilageret ikke kunne vokse på grunn av en brukerdefinert grense. Error: (12/26/2019 12:57:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET) Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x800705aa: 2019-12 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 1903 for x64 (KB4533002). Windows Defender: =================================== Date: 2019-12-26 15:12:00.166 Description: Skanning av Windows Defender Antivirus er stoppet før fullføring. Skanne-ID: {6B10E6F0-B4C1-4521-A8F0-EC4CB32EA07A} Skannetype: Beskyttelse mot skadelig programvare Skanneparametere: Hurtigskanning Bruker: DESKTOP-13Q9QE5\kimbr Date: 2019-12-26 13:34:24.360 Description: Windows Defender Antivirus oppdaget malware eller annen potensiellt uønsket programvare. For mer informasjon, se: https://go.microsoft.com/fwlink/?linkid=37020&name=PWS:Win32/Stimilina.E!rfn&threatid=2147746366&enterprise=0 Navn: PWS:Win32/Stimilina.E!rfn ID: 2147746366 Alvorlighetsgrad: Alvorlig Kategori: Passordtyv Bane: file:_C:\ProgramData\setu.exe Deteksjonsgrunnlag: Lokal maskin Deteksjonsstype: FastPath Deteksjonsskilde: Sanntidsbeskyttelse Bruker: DESKTOP-13Q9QE5\kimbr Prosessnavn: C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe Versjon av sikkerhetsinformasjon: AV: 1.307.1149.0, AS: 1.307.1149.0, NIS: 1.307.1149.0 Motorversjon: AM: 1.1.16600.7, NIS: 1.1.16600.7 Date: 2019-12-26 13:33:06.778 Description: Windows Defender Antivirus oppdaget malware eller annen potensiellt uønsket programvare. For mer informasjon, se: https://go.microsoft.com/fwlink/?linkid=37020&name=PWS:Win32/Stimilina.E!rfn&threatid=2147746366&enterprise=0 Navn: PWS:Win32/Stimilina.E!rfn ID: 2147746366 Alvorlighetsgrad: Alvorlig Kategori: Passordtyv Bane: file:_C:\ProgramData\setu.exe Deteksjonsgrunnlag: Lokal maskin Deteksjonsstype: FastPath Deteksjonsskilde: Sanntidsbeskyttelse Bruker: DESKTOP-13Q9QE5\kimbr Prosessnavn: C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe Versjon av sikkerhetsinformasjon: AV: 1.307.1149.0, AS: 1.307.1149.0, NIS: 1.307.1149.0 Motorversjon: AM: 1.1.16600.7, NIS: 1.1.16600.7 Date: 2019-12-26 13:32:58.011 Description: Windows Defender Antivirus oppdaget malware eller annen potensiellt uønsket programvare. For mer informasjon, se: https://go.microsoft.com/fwlink/?linkid=37020&name=PWS:Win32/Stimilina.E!rfn&threatid=2147746366&enterprise=0 Navn: PWS:Win32/Stimilina.E!rfn ID: 2147746366 Alvorlighetsgrad: Alvorlig Kategori: Passordtyv Bane: file:_C:\ProgramData\setu.exe Deteksjonsgrunnlag: Lokal maskin Deteksjonsstype: FastPath Deteksjonsskilde: Sanntidsbeskyttelse Bruker: DESKTOP-13Q9QE5\kimbr Prosessnavn: C:\Program Files (x86)\FreeCommander XE\FreeCommander.exe Versjon av sikkerhetsinformasjon: AV: 1.307.1149.0, AS: 1.307.1149.0, NIS: 1.307.1149.0 Motorversjon: AM: 1.1.16600.7, NIS: 1.1.16600.7 Date: 2019-12-14 04:18:22.268 Description: Skanning av Windows Defender Antivirus er stoppet før fullføring. Skanne-ID: {F62EED8E-AE50-4A67-A6EE-24D6E8DFC385} Skannetype: Beskyttelse mot skadelig programvare Skanneparametere: Hurtigskanning Bruker: NT-MYNDIGHET\SYSTEM CodeIntegrity: =================================== Date: 2019-12-26 16:00:54.844 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\CcavGuard64.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-26 15:56:54.812 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\CcavGuard64.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-26 15:56:22.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\CcavGuard64.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-26 15:55:54.817 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\CcavGuard64.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-26 15:52:22.249 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\CcavGuard64.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-26 15:52:21.613 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\CcavGuard64.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-26 15:52:14.033 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\CcavGuard64.dll that did not meet the Microsoft signing level requirements. Date: 2019-12-26 15:51:33.170 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\CcavGuard64.dll that did not meet the Microsoft signing level requirements. ==================== Memory info =========================== BIOS: Award Software International, Inc. FB 10/12/2011 Motherboard: Gigabyte Technology Co., Ltd. Z68AP-D3 Processor: Intel(R) Core(TM) i5-2400 CPU @ 3.10GHz Percentage of memory in use: 41% Total physical RAM: 12271.11 MB Available physical RAM: 7143.41 MB Total Virtual: 13487.11 MB Available Virtual: 7330.76 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:110.45 GB) (Free:21.71 GB) NTFS Drive d: (Nytt volum) (Fixed) (Total:3725.9 GB) (Free:304.54 GB) NTFS Drive e: (Reservert av systemet) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS ==>[system with boot components (obtained from drive)] Drive f: () (Fixed) (Total:831.11 GB) (Free:325.22 GB) NTFS Drive g: (windows 7) (Fixed) (Total:100.3 GB) (Free:52.68 GB) NTFS Drive h: () (Fixed) (Total:802.9 GB) (Free:4.31 GB) NTFS Drive i: (windows 77) (Fixed) (Total:128.61 GB) (Free:83.26 GB) NTFS \\?\Volume{025b54b6-0000-0000-0000-100000000000}\ (Reservert av systemet) (Fixed) (Total:0.49 GB) (Free:0.45 GB) NTFS \\?\Volume{025b54b6-0000-0000-0000-e0bb1b000000}\ () (Fixed) (Total:0.85 GB) (Free:0.33 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 025B54B6) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=110.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=873 MB) - (Type=27) ========================================================== Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DF2380AF) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=831.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=100.3 GB) - (Type=0F Extended) ========================================================== Disk: 2 (Size: 931.5 GB) (Disk ID: 33FB33FA) Partition: GPT. ========================================================== Disk: 3 (MBR Code: Windows 7/8/10) (Size: 3726 GB) (Disk ID: 075D5EBA) Partition: GPT. ==================== End of Addition.txt =======================