Jump to content

False or true Malware alert!


Recommended Posts

Hi! I ran a program to scan and it came up with some kits on Nvidia files, dont know why...false? Here is Rkill report

 

Rkill 2.9.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2021 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/07/2021 09:50:45 PM in x64 mode.
Windows Version: Windows 10 Pro

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Reparse Point/Junctions Found (These may be legitimate)!

     * C:\Windows\System32\drivers\nvlddmkm-patched\cudnn_infer64_7.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\cudnn_infer64_7.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nv3dappshext.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nv3dappshext.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nv3dappshextr.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nv3dappshextr.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvapi.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvapi.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvapi64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvapi64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcbl64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvcbl64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcompiler.dll => ..\..\..\System32\nvcompiler.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcompiler32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvcompiler32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcompiler64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvcompiler64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcpl.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvcpl.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcuda.dll => ..\..\..\System32\nvcuda.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcuda32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvcuda32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcuda64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvcuda64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcuvid.dll => ..\..\..\System32\nvcuvid.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcuvid32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvcuvid32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvcuvid64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvcuvid64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvd3dum.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvd3dum.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvd3dumx.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvd3dumx.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvd3dumx_cfg.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvd3dumx_cfg.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvd3dum_cfg.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvd3dum_cfg.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvDecMFTMjpeg.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvDecMFTMjpeg.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvDecMFTMjpegx.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvDecMFTMjpegx.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvdevtools.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvdevtools.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvdevtoolsr.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvdevtoolsr.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvdisps.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvdisps.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvdispsr.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvdispsr.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvdlist.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvdlist.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvdlistx.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvdlistx.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvEncMFTH264.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvEncMFTH264.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvEncMFTH264x.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvEncMFTH264x.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvEncMFThevc.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvEncMFThevc.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvEncMFThevcx.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvEncMFThevcx.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvEncodeAPI.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvEncodeAPI.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvEncodeAPI64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvEncodeAPI64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvfatbinaryLoader.dll => ..\..\..\System32\nvfatbinaryLoader.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvfatbinaryLoader32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvfatbinaryLoader32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvfatbinaryLoader64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvfatbinaryLoader64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\NvFBC.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\NvFBC.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\NvFBC64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\NvFBC64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvgames.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvgames.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvgamesr.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvgamesr.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\NvIFR.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\NvIFR.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\NvIFR64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\NvIFR64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\NvIFROpenGL.dll => ..\..\..\System32\NvIFROpenGL.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\NvIFROpenGL32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\NvIFROpenGL32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\NvIFROpenGL64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\NvIFROpenGL64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvldumd.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvldumd.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvldumdx.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvldumdx.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvlicensings.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvlicensings.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvlicensingsr.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvlicensingsr.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvmcumd.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvmcumd.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvml.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvml.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvngx.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvngx.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvofapi.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvofapi.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvofapi64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvofapi64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvoglv32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvoglv32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvoglv64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvoglv64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvopencl32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvopencl32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvopencl64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvopencl64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvoptix.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvoptix.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvptxJitCompiler.dll => ..\..\..\System32\nvptxJitCompiler.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvptxJitCompiler32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvptxJitCompiler32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvptxJitCompiler64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvptxJitCompiler64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvrtum64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvrtum64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvshext.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvshext.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvsmartmax.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvsmartmax.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvsmartmax64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvsmartmax64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvsvc64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvsvc64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvsvcr.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvsvcr.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvsvs.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvsvs.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvsvsr.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvsvsr.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\NvTelemetry64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\NvTelemetry64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvui.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvui.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvuir.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvuir.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvvitvs.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvvitvs.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvvitvsr.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvvitvsr.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvvkwddc32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvvkwddc32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvvkwddc64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvvkwddc64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvwgf2um.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvwgf2um.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvwgf2umx.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvwgf2umx.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvwgf2umx_cfg.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvwgf2umx_cfg.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvwgf2um_cfg.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvwgf2um_cfg.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvwss.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvwss.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvwssr.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvwssr.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvxdapix.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvxdapix.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvxdbat.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvxdbat.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\nvxdplcy.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\nvxdplcy.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\OpenCL.dll => ..\..\..\System32\OpenCL.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\OpenCL32.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\OpenCL32.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\OpenCL64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\OpenCL64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\vulkan-1-999-0-0-0.dll => ..\..\..\System32\vulkan-1-999-0-0-0.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\vulkan-1-x64.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\vulkan-1-x64.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\vulkan-1-x86.dll => ..\..\DriverStore\FileRepository\nvmi.inf_amd64_648cd8d675c313c6\vulkan-1-x86.dll [File]
     * C:\Windows\System32\drivers\nvlddmkm-patched\vulkan-1.dll => ..\..\..\System32\vulkan-1.dll [File]
     * C:\Windows\SysWOW64\drivers\nvlddmkm-patched => ..\..\System32\drivers\nvlddmkm-patched [Dir]

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 07/07/2021 09:51:51 PM
Execution time: 0 hours(s), 1 minute(s), and 6 seconds(s)




 

Link to post
Share on other sites

and heres Farbar

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-07-2021
Ran by mariu (07-07-2021 22:10:26)
Running from C:\Users\mariu\Downloads
Windows 10 Pro Version 21H1 19043.1081 (X64) (2021-06-30 04:55:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2754156630-795056227-535938833-500 - Administrator - Disabled)
Gjest (S-1-5-21-2754156630-795056227-535938833-501 - Limited - Disabled)
mariu (S-1-5-21-2754156630-795056227-535938833-1001 - Administrator - Enabled) => C:\Users\mariu
Standardkonto (S-1-5-21-2754156630-795056227-535938833-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2754156630-795056227-535938833-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.2001.2101 - Micro-Star International Co., Ltd.)
CPUID CPU-Z MSI 1.74 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.74 - CPUID, Inc.)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.2 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{c0cc7253-fa06-46c2-9ceb-f8641408262f}) (Version: 1.0.2.2 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7463 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.2.1024 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C1A5573E-1508-49E1-BA6A-34E2EB15E9BF}) (Version: 17.5.2.1024 - Intel Corporation)
Microsoft 365 Apps for enterprise - nb-no (HKLM\...\O365ProPlusRetail - nb-no) (Version: 16.0.14131.20278 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2754156630-795056227-535938833-1001\...\Teams) (Version: 1.4.00.7174 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
MSI NBFoundation Service (HKLM-x32\...\{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2104.2801 - MSI) Hidden
MSI NBFoundation Service (HKLM-x32\...\InstallShield_{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2104.2801 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.0428.01 - MSI)
NVIDIA Grafikkdriver 462.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.21 - NVIDIA Corporation)
NVIDIA PhysX systemprogramvare 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0414-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
qBittorrent 4.3.6 (HKLM-x32\...\qBittorrent) (Version: 4.3.6 - The qBittorrent project)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.15.19.1412 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.42.369 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
VulkanSDK 1.2.176.1 (HKLM\...\VulkanSDK1.2.176.1) (Version: 1.2.176.1 - LunarG, Inc.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.8  - Winamp SA)

Packages:
=========
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.109.0_x64__kzh8wxbdkxb8p [2021-06-30] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Intel® grafikkommandosenter -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-07-03] (INTEL CORP) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-02] (Microsoft Studios) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.7.2.0_x64__w2gh52qy24etm [2021-06-30] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-30] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-07-06] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0 [2021-06-30] (Spotify AB) [Startup Task]
Tillegg for Bilder-mediemotor -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2754156630-795056227-535938833-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\mariu\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2754156630-795056227-535938833-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\mariu\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-08] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-08] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_63c2bbf15c85cec8\nvshext.dll [2021-06-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\mariu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apper\Gjenopprettelsesverktøy for Chromebook.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jndclpdbaamdhonoechobihbbiimdgai

==================== Loaded Modules (Whitelisted) =============

2021-06-30 07:30 - 2021-06-30 07:30 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.109.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2021-06-30 07:46 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-06-30 07:02 - 2021-06-30 07:02 - 042557440 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-06-30 07:49 - 2021-06-30 07:49 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-06-30 07:49 - 2021-06-30 07:49 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-07-02 15:07 - 2019-07-02 15:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2754156630-795056227-535938833-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=NMTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\VulkanSDK\1.2.176.1\Bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2754156630-795056227-535938833-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mariu\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\29752.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-2754156630-795056227-535938833-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

30-06-2021 08:29:06 Windows Sikkerhetskopiering
02-07-2021 01:11:28 Installasjonsprogram for Windows-moduler
02-07-2021 13:16:18 Installasjonsprogram for Windows-moduler
02-07-2021 13:16:57 Installasjonsprogram for Windows-moduler
02-07-2021 13:17:32 Installasjonsprogram for Windows-moduler
03-07-2021 13:04:30 Installasjonsprogram for Windows-moduler
03-07-2021 13:29:34 Installasjonsprogram for Windows-moduler
03-07-2021 13:30:36 Installasjonsprogram for Windows-moduler
07-07-2021 04:00:52 Installed Battery Calibration
07-07-2021 04:37:41 Installed Nahimic 3 Restore

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/07/2021 09:45:42 PM) (Source: ESENT) (EventID: 332) (User: )
Description: services (920,D,50) The database [D:\Downloads\FixWin10.2.2\defltbase.sdb] version 1568.200.440 is higher than the maximum version understood by the engine 1568.110.240.

Error: (07/07/2021 09:44:27 PM) (Source: ESENT) (EventID: 332) (User: )
Description: services (920,D,50) The database [D:\Downloads\FixWin10.2.2\defltbase.sdb] version 1568.200.440 is higher than the maximum version understood by the engine 1568.110.240.

Error: (07/07/2021 09:43:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (1788,R,98) SUS20ClientDataStore: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb0006C.log.

Error: (07/07/2021 07:07:26 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informasjon fra Volume Shadow Copy-tjenesten: Kan ikke starte COM-serveren med CLSIDen {4e14fba2-2e22-11d1-9964-00c04fbbb345} og navnet CEventSystem. [0x8007045b, Systemavslutning forberedes.
]

Error: (07/07/2021 07:07:26 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: GameManagerService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Management.ManagementException
   at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   at System.Management.SinkForEventQuery.Cancel()
   at System.Management.ManagementEventWatcher.Stop()
   at System.Management.ManagementEventWatcher.Finalize()

Error: (07/07/2021 07:07:26 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Feil i tjenesten Volume Shadow Copy: Uventet feil under kall av rutinen CoCreateInstance.  hr = 0x8007045b, Systemavslutning forberedes.
.

Error: (07/07/2021 07:07:26 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informasjon fra Volume Shadow Copy-tjenesten: Kan ikke starte COM-serveren med CLSIDen {4e14fba2-2e22-11d1-9964-00c04fbbb345} og navnet CEventSystem. [0x8007045b, Systemavslutning forberedes.
]

Error: (07/07/2021 05:37:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Programnavn med feil: SearchApp.exe, versjon: 10.0.19041.1081, tidsangivelse: 0x14a83b0b
Modulnavn med feil: KERNELBASE.dll, versjon: 10.0.19041.1081, tidsangivelse: 0xde3fc775
Unntakskode: 0xc000027b
Feilforskyvning: 0x000000000010bd3e
Feil prosess-ID: 0x2124
Feil starttid for program: 0x01d772e15c052e19
Feil programbane: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Feil modulbane: C:\Windows\System32\KERNELBASE.dll
Rapport-ID: bd0ba3e9-4965-4180-b121-ffb48d360d89
Fullstendig navn på feilpakke: 
Relativ program-ID for feilpakke:


System errors:
=============
Error: (07/07/2021 05:00:36 PM) (Source: Netwtw08) (EventID: 5002) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget at nettverkskortet ikke fungerer slik det skal.
5002 - uCode SW error (SysAssert, NMI)

Error: (07/07/2021 05:00:36 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget en intern feil.
5005 - Driver internal error

Error: (07/07/2021 05:00:36 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget en intern feil.
5005 - Driver internal error

Error: (07/07/2021 05:00:36 PM) (Source: Netwtw08) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)

Error: (07/07/2021 04:55:51 PM) (Source: Netwtw08) (EventID: 5002) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget at nettverkskortet ikke fungerer slik det skal.
5002 - uCode SW error (SysAssert, NMI)

Error: (07/07/2021 04:55:50 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget en intern feil.
5005 - Driver internal error

Error: (07/07/2021 04:55:50 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget en intern feil.
5005 - Driver internal error

Error: (07/07/2021 04:55:50 PM) (Source: Netwtw08) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)


Windows Defender:
================
Date: 2021-07-07 01:36:34
Description: 
Skanning av Microsoft Defender antivirus er stoppet før fullføring.
Skanne-ID: {62D284D5-0659-445A-8A5B-1B01656E478F}
Skannetype: Beskyttelse mot skadelig programvare
Skanneparametere: Hurtigskanning
Bruker: NT-MYNDIGHET\SYSTEM

Date: 2021-07-06 00:21:33
Description: 
Skanning av Microsoft Defender antivirus er stoppet før fullføring.
Skanne-ID: {01FF7FE1-599D-4861-AF84-1D85A5BA2906}
Skannetype: Beskyttelse mot skadelig programvare
Skanneparametere: Hurtigskanning
Bruker: NT-MYNDIGHET\SYSTEM


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-07-2021
Ran by mariu (07-07-2021 22:10:26)
Running from C:\Users\mariu\Downloads
Windows 10 Pro Version 21H1 19043.1081 (X64) (2021-06-30 04:55:49)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2754156630-795056227-535938833-500 - Administrator - Disabled)
Gjest (S-1-5-21-2754156630-795056227-535938833-501 - Limited - Disabled)
mariu (S-1-5-21-2754156630-795056227-535938833-1001 - Administrator - Enabled) => C:\Users\mariu
Standardkonto (S-1-5-21-2754156630-795056227-535938833-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2754156630-795056227-535938833-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.2001.2101 - Micro-Star International Co., Ltd.)
CPUID CPU-Z MSI 1.74 (HKLM\...\CPUID CPU-Z MSI_is1) (Version: 1.74 - CPUID, Inc.)
ENE_DRAM_RGB_AIO (HKLM\...\{1745D314-9077-46C9-8562-1C62BAE189B7}) (Version: 1.0.2.2 - Ene Tech.) Hidden
ENE_DRAM_RGB_AIO (HKLM-x32\...\{c0cc7253-fa06-46c2-9ceb-f8641408262f}) (Version: 1.0.2.2 - Ene Tech.) Hidden
ENE_EHD_M2_HAL (HKLM\...\{37A48B7F-D4EA-4863-844E-A284E2AA3C5D}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_EHD_M2_HAL (HKLM-x32\...\{54d3d2b5-db16-446d-b6dd-f4964b166b3b}) (Version: 1.0.8.13 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM\...\{9E97178A-ADB8-4778-BE60-7E28E2A72721}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_MousePad_HAL (HKLM-x32\...\{c2c794a4-7986-4c45-884d-d4ca43b88df9}) (Version: 1.0.2.0 - ENE TECHNOLOGY INC.) Hidden
ENE_X-JMI_HAL (HKLM\...\{2B8E611F-0B51-4FAC-87BB-AF50D82E7DDA}) (Version: 1.0.5.1 - ENE Tech) Hidden
ENE_X-JMI_HAL (HKLM-x32\...\{50ec3a07-291b-463e-be86-487eb8cbb71c}) (Version: 1.0.5.1 - ENE Tech) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 91.0.4472.124 - Google LLC)
Grand Theft Auto V (HKLM-x32\...\{5EFC6C07-6B87-43FC-9524-F9E967241741}) (Version: 1.0.2245.0 - Rockstar Games)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 26.20.100.7463 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.5.2.1024 - Intel Corporation)
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C1A5573E-1508-49E1-BA6A-34E2EB15E9BF}) (Version: 17.5.2.1024 - Intel Corporation)
Microsoft 365 Apps for enterprise - nb-no (HKLM\...\O365ProPlusRetail - nb-no) (Version: 16.0.14131.20278 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 91.0.864.64 - Microsoft Corporation)
Microsoft OneDrive (HKLM-x32\...\OneDriveSetup.exe) (Version: 21.119.0613.0001 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-2754156630-795056227-535938833-1001\...\Teams) (Version: 1.4.00.7174 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{E5A95BC5-81DF-4F0C-B910-B59DD012F037}) (Version: 2.81.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.22.27821 (HKLM-x32\...\{6361b579-2795-4886-b2a8-53d5239b6452}) (Version: 14.22.27821.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation)
MSI NBFoundation Service (HKLM-x32\...\{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2104.2801 - MSI) Hidden
MSI NBFoundation Service (HKLM-x32\...\InstallShield_{949A5329-B6AF-444F-BCDC-1F39F516D40C}) (Version: 1.0.2104.2801 - MSI)
MSI SDK (HKLM-x32\...\{EE7D557C-3AE7-4348-8DCA-3A89790D0002}}_is1) (Version: 2.2021.0428.01 - MSI)
NVIDIA Grafikkdriver 462.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 462.21 - NVIDIA Corporation)
NVIDIA PhysX systemprogramvare 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0414-1000-0000000FF1CE}) (Version: 16.0.14131.20278 - Microsoft Corporation) Hidden
qBittorrent 4.3.6 (HKLM-x32\...\qBittorrent) (Version: 4.3.6 - The qBittorrent project)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 9.15.19.1412 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.42.369 - Rockstar Games)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.0.8.5 - Rockstar Games)
Speccy (HKLM\...\Speccy) (Version: 1.32 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Teams Machine-Wide Installer (HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.4.0.7174 - Microsoft Corporation)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.14 - VideoLAN)
VulkanSDK 1.2.176.1 (HKLM\...\VulkanSDK1.2.176.1) (Version: 1.2.176.1 - LunarG, Inc.)
WD_BLACK AN1500 (HKLM\...\{085E2365-0A70-4230-B664-02D5E4FE7E9C}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK AN1500 (HKLM-x32\...\{9c94735f-73fd-4b0f-9ddb-8be7b3cc4681}) (Version: 1.0.12.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM\...\{BDE43F26-5917-44F8-B86A-F1D9A6B80B32}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
WD_BLACK D50 (HKLM-x32\...\{a1d1ba00-92b7-4a99-8ebd-65b25c0e9e44}) (Version: 1.0.9.0 - ENE TECHNOLOGY INC.) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.8  - Winamp SA)

Packages:
=========
DragonCenter -> C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.109.0_x64__kzh8wxbdkxb8p [2021-06-30] (MICRO-STAR INTERNATIONAL CO., LTD) [Startup Task]
Intel® grafikkommandosenter -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt [2021-07-03] (INTEL CORP) [Startup Task]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.6151.0_x64__8wekyb3d8bbwe [2021-07-02] (Microsoft Studios) [MS Ad]
Nahimic -> C:\Program Files\WindowsApps\A-Volute.Nahimic_1.7.2.0_x64__w2gh52qy24etm [2021-06-30] (A-Volute)
NVIDIA Control Panel -> C:\Program Files\WindowsApps\NVIDIACorp.NVIDIAControlPanel_8.1.961.0_x64__56jybvy8sckqj [2021-06-30] (NVIDIA Corp.)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.26.251.0_x64__dt26b99r8h8gj [2021-07-06] (Realtek Semiconductor Corp)
Spotify Music -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.162.583.0_x86__zpdnekdrzrea0 [2021-06-30] (Spotify AB) [Startup Task]
Tillegg for Bilder-mediemotor -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2021-07-07] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2754156630-795056227-535938833-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\mariu\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20339.4\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2754156630-795056227-535938833-1001_Classes\CLSID\{80172dde-4e20-4df0-81a2-0a48553e80bb}\localserver32 -> C:\Users\mariu\AppData\Local\NhNotifSys\nahimic\nahimicNotifSys.exe (A-Volute SAS -> A-Volute)
ShellIconOverlayIdentifiers: [  OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [  OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-08] (Intel(R) Rapid Storage Technology -> )
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-07-08] (Intel(R) Rapid Storage Technology -> )
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files (x86)\Microsoft OneDrive\21.119.0613.0001\amd64\FileSyncShell64.dll [2021-07-03] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\System32\DriverStore\FileRepository\nvmi.inf_amd64_63c2bbf15c85cec8\nvshext.dll [2021-06-10] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\mariu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-apper\Gjenopprettelsesverktøy for Chromebook.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) ->  --profile-directory=Default --app-id=jndclpdbaamdhonoechobihbbiimdgai

==================== Loaded Modules (Whitelisted) =============

2021-06-30 07:30 - 2021-06-30 07:30 - 002972368 _____ (Dexin Corp -> MICRO-STAR INTERNATIONAL) [File not signed] C:\Program Files\WindowsApps\9426MICRO-STARINTERNATION.DragonCenter_2.0.109.0_x64__kzh8wxbdkxb8p\DCv2\Device\GM6070\IcMSIDll.dll
2021-06-30 07:46 - 2019-02-21 18:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2021-06-30 07:02 - 2021-06-30 07:02 - 042557440 _____ (Intel Corporation) [File not signed] C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.3325.0_x64__8j3eq9eme6ctt\IGCC.dll
2021-06-30 07:49 - 2021-06-30 07:49 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\AppVIsvSubsystems64.dll
2021-06-30 07:49 - 2021-06-30 07:49 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\c2r64.dll
2019-07-02 15:07 - 2019-07-02 15:07 - 000014632 _____ (Micro-Star International CO., LTD. -> ) [File not signed] C:\Program Files (x86)\MSI\MSI NBFoundation Service\UEFIVaribleDll.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-2754156630-795056227-535938833-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=NMTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2021-06-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2021-06-30] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2021-07-05] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\VulkanSDK\1.2.176.1\Bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common
HKU\S-1-5-21-2754156630-795056227-535938833-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mariu\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\29752.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller"
HKU\S-1-5-21-2754156630-795056227-535938833-1001\...\StartupApproved\Run: => "com.squirrel.Teams.Teams"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

30-06-2021 08:29:06 Windows Sikkerhetskopiering
02-07-2021 01:11:28 Installasjonsprogram for Windows-moduler
02-07-2021 13:16:18 Installasjonsprogram for Windows-moduler
02-07-2021 13:16:57 Installasjonsprogram for Windows-moduler
02-07-2021 13:17:32 Installasjonsprogram for Windows-moduler
03-07-2021 13:04:30 Installasjonsprogram for Windows-moduler
03-07-2021 13:29:34 Installasjonsprogram for Windows-moduler
03-07-2021 13:30:36 Installasjonsprogram for Windows-moduler
07-07-2021 04:00:52 Installed Battery Calibration
07-07-2021 04:37:41 Installed Nahimic 3 Restore

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (07/07/2021 09:45:42 PM) (Source: ESENT) (EventID: 332) (User: )
Description: services (920,D,50) The database [D:\Downloads\FixWin10.2.2\defltbase.sdb] version 1568.200.440 is higher than the maximum version understood by the engine 1568.110.240.

Error: (07/07/2021 09:44:27 PM) (Source: ESENT) (EventID: 332) (User: )
Description: services (920,D,50) The database [D:\Downloads\FixWin10.2.2\defltbase.sdb] version 1568.200.440 is higher than the maximum version understood by the engine 1568.110.240.

Error: (07/07/2021 09:43:10 PM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (1788,R,98) SUS20ClientDataStore: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb0006C.log.

Error: (07/07/2021 07:07:26 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informasjon fra Volume Shadow Copy-tjenesten: Kan ikke starte COM-serveren med CLSIDen {4e14fba2-2e22-11d1-9964-00c04fbbb345} og navnet CEventSystem. [0x8007045b, Systemavslutning forberedes.
]

Error: (07/07/2021 07:07:26 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: GameManagerService.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Management.ManagementException
   at System.Management.ManagementException.ThrowWithExtendedInfo(System.Management.ManagementStatus)
   at System.Management.SinkForEventQuery.Cancel()
   at System.Management.ManagementEventWatcher.Stop()
   at System.Management.ManagementEventWatcher.Finalize()

Error: (07/07/2021 07:07:26 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Feil i tjenesten Volume Shadow Copy: Uventet feil under kall av rutinen CoCreateInstance.  hr = 0x8007045b, Systemavslutning forberedes.
.

Error: (07/07/2021 07:07:26 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informasjon fra Volume Shadow Copy-tjenesten: Kan ikke starte COM-serveren med CLSIDen {4e14fba2-2e22-11d1-9964-00c04fbbb345} og navnet CEventSystem. [0x8007045b, Systemavslutning forberedes.
]

Error: (07/07/2021 05:37:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Programnavn med feil: SearchApp.exe, versjon: 10.0.19041.1081, tidsangivelse: 0x14a83b0b
Modulnavn med feil: KERNELBASE.dll, versjon: 10.0.19041.1081, tidsangivelse: 0xde3fc775
Unntakskode: 0xc000027b
Feilforskyvning: 0x000000000010bd3e
Feil prosess-ID: 0x2124
Feil starttid for program: 0x01d772e15c052e19
Feil programbane: C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
Feil modulbane: C:\Windows\System32\KERNELBASE.dll
Rapport-ID: bd0ba3e9-4965-4180-b121-ffb48d360d89
Fullstendig navn på feilpakke: 
Relativ program-ID for feilpakke:


System errors:
=============
Error: (07/07/2021 05:00:36 PM) (Source: Netwtw08) (EventID: 5002) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget at nettverkskortet ikke fungerer slik det skal.
5002 - uCode SW error (SysAssert, NMI)

Error: (07/07/2021 05:00:36 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget en intern feil.
5005 - Driver internal error

Error: (07/07/2021 05:00:36 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget en intern feil.
5005 - Driver internal error

Error: (07/07/2021 05:00:36 PM) (Source: Netwtw08) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)

Error: (07/07/2021 04:55:51 PM) (Source: Netwtw08) (EventID: 5002) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget at nettverkskortet ikke fungerer slik det skal.
5002 - uCode SW error (SysAssert, NMI)

Error: (07/07/2021 04:55:50 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget en intern feil.
5005 - Driver internal error

Error: (07/07/2021 04:55:50 PM) (Source: Netwtw08) (EventID: 5005) (User: )
Description: Intel(R) Wireless-AC 9560 160MHz: Oppdaget en intern feil.
5005 - Driver internal error

Error: (07/07/2021 04:55:50 PM) (Source: Netwtw08) (EventID: 5007) (User: )
Description: 5007 - TX/CMD timeout (TfdQueue hanged)


Windows Defender:
================
Date: 2021-07-07 01:36:34
Description: 
Skanning av Microsoft Defender antivirus er stoppet før fullføring.
Skanne-ID: {62D284D5-0659-445A-8A5B-1B01656E478F}
Skannetype: Beskyttelse mot skadelig programvare
Skanneparametere: Hurtigskanning
Bruker: NT-MYNDIGHET\SYSTEM

Date: 2021-07-06 00:21:33
Description: 
Skanning av Microsoft Defender antivirus er stoppet før fullføring.
Skanne-ID: {01FF7FE1-599D-4861-AF84-1D85A5BA2906}
Skannetype: Beskyttelse mot skadelig programvare
Skanneparametere: Hurtigskanning
Bruker: NT-MYNDIGHET\SYSTEM

 

Link to post
Share on other sites

  • Root Admin

To begin, please do the following so that we may take a closer look at your installation for troubleshooting:

NOTE: The tools and the information obtained are safe and not harmful to your privacy or your computer, please allow the programs to run if blocked by your system.

  • Download the Malwarebytes Support Tool
  • In your Downloads folder, open the mb-support-x.x.x.xxx.exe file
  • In the User Account Control pop-up window, click Yes to continue the installation
  • Run the MBST Support Tool
  • In the left navigation pane of the Malwarebytes Support Tool, click Advanced
  • In the Advanced Options, click Gather Logs. A status diagram displays the tool is Getting logs from your machine
  • A zip file named mbst-grab-results.zip will be saved to your desktop, please upload that file on your next reply

Thank you

 

Link to post
Share on other sites

  • Root Admin

Well, neither of those are antivirus programs. Please run the following and I'll check back on you later this afternoon

 

Please run the following steps and post back the logs as an attachment when ready.
Temporarily disable your antivirus or other security software first. Make sure to turn it back on once the scans are completed.
Temporarily disable Microsoft SmartScreen to download software below if needed. Make sure to turn it back on once the scans are completed.
If you still have trouble downloading the software please click on Reveal Hidden Contents below for examples of how to allow the download.

 

Spoiler
 
 
 
 

 

Spoiler

 

When downloading with some browsers you may see a different style of screens that may block FRST from downloading. The program is safe and used hundreds of times a week by many users.

Example of Microsoft Edge blocking the download

image.png

image.png

image.png

 

 



STEP 01

  • If you already have Malwarebytes installed then open Malwarebytes and click on the Scan button. It will automatically check for updates and run a Threat Scan.
  • If you don't have Malwarebytes installed yet please download it from here and install it.
  • Once installed then open Malwarebytes and select Scan and let it run.
  • Once the scan is completed make sure you have it quarantine any detections it finds.
  • If no detections were found click on the Save results drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If there were detections then once the quarantine has completed click on the View report button, Then click the Export drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If the computer restarted to quarantine you can access the logs from the Detection History, then the History tab. Highlight the most recent scan and double-click to open it. Then click the Export drop-down, then the Export to TXT  button, and save the file as a Text file to your desktop or other location you can find and attach that log on your next reply.
  • If Malwarebytes won't run then please skip to the next step and let me know in your next reply that the scanner would not run.

STEP 02

Please download AdwCleaner by Malwarebytes and save the file to your Desktop.

  • Double-click to run the program
  • Accept the End User License Agreement.
  • Wait until the database is updated.
  • Click Scan Now.
  • When finished, if items are found please click Quarantine.
  • Your PC should reboot now if any items were found.
  • After reboot, a log file will be opened. Attach or Copy its content into your next reply.

RESTART THE COMPUTER Before running Step 3

STEP 03
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens, click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). If you've, run the tool before you need to place a check mark here each time
  • Please attach the Additions.txt log to your reply as well.
  • On your next reply, you should be attaching frst.txt and additions.txt to your post, every time.

 

Thanks

Link to post
Share on other sites

  • 3 weeks later...

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this topic with your request.

This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread.

Please review the following for Tips to help protect from infection

Thank you

 

 

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.