Jump to content

Nidalee

Members
 View Profile  See their activity

  • Posts

    14

  • Joined

  • Last visited

 Content Type 

Everything posted by Nidalee

  1. Nidalee
    Installed new version of Adobe, even tho i already had that version I just had 2 versions. Made a fresh install of Malwarebytes and its fully working now. I recovered Recyle bin, it was disabled in my registry, or it was disabled i just enabled that and then it came back. I changed the response of the keyboard and its working now. I guess I did something wrong the first time I tried this. I have some questions for you. 1. Should I keep 360 Total Security? Or should I go for G Data, or Trustport or something like that? 2. How do I increase the startup speed? I have everything disabled in the msconfig startup. 3. If I format my Computer, would this increase my FPS again, or is it hardware damaged? 4. Was I even infected? Other than trojans and malwares? Thank you very much for your time AdvancedSetup, I really appreciate what you guys do for people.
  2. Nidalee
    Results of screen317's Security Check version 0.99.96 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` 360 Total Security WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Java 64-bit 8 Update 31 Adobe Flash Player 12.0.0.77 Flash Player out of Date! Adobe Reader XI Mozilla Firefox (35.0) Google Chrome (40.0.2214.115) ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` May I close the black box when it says "Results have been copied to checkup.txt, itch should open... now!" ? My computer have actually dropped frames, when playing games. Went from 200 frames to 70-100ish. Had 200fps before we started, now its 70-100ish. Malwarebytes cant fix the real time protection, that makes me think im still infected, unless the feature does not work. But it worked long time ago. Keyboard writes 2 times still. But not everytime just sometimes, its really annoying, even if i plug in a new keyboard it does it. The bootup is fixed. It can start now w/o the windows CD. Got really fast boot times now. Very clean and fast overall. Thank you for your help. The only things i've gotta find out, is the keyboard error, and the frames in games.
  3. Nidalee
    Windows Defender I do not even have I think...
  4. Nidalee
    ComboFix 15-02-16.01 - Jonas 23-02-2015 20:17:00.1.8 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.45.1033.18.12170.8529 [GMT 1:00] Kører fra: c:\users\Jonas\Desktop\ComboFix.exe AV: 360 Total Security *Disabled/Updated* {2B66EE1E-E5C8-C2F7-648F-4E55AC68D37D} SP: 360 Total Security *Disabled/Updated* {90070FFA-C3F2-CD79-5E3F-7527D7EF99C0} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Andet, der er slettet ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\program files (x86)\DuckDNSUpdater\DuckDnsUpdater.exe c:\programdata\000B581C_S__0 c:\users\Jonas\AppData\Local\assembly\tmp c:\users\Jonas\AppData\Roaming\Windows32 c:\users\Jonas\Desktop\ c:\windows\SysWow64\networkdlllsp.dll . . ((((((((((((((((((((((((((((((((((((((( Drivers/Tjenester ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_AdobeUpdateService . . ((((((((((((((((((((((((((((( Filer skabt fra 2015-01-23 til 2015-02-23 ))))))))))))))))))))))))))))))))))) . . 2015-02-23 00:43 . 2015-01-07 03:10 782848 ----a-w- c:\windows\system32\gpsvc.dll 2015-02-23 00:43 . 2015-01-07 02:44 79872 ----a-w- c:\windows\SysWow64\gpapi.dll 2015-02-23 00:43 . 2015-01-07 01:48 290816 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2015-02-23 00:43 . 2015-01-07 01:48 129024 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2015-02-23 00:43 . 2015-01-07 01:48 105984 ----a-w- c:\windows\system32\drivers\dfsc.sys 2015-02-23 00:43 . 2015-01-07 04:09 13312 ----a-w- c:\windows\system32\drivers\da-DK\mup.sys.mui 2015-02-23 00:43 . 2015-01-07 01:49 310272 ----a-w- c:\windows\system32\drivers\rdbss.sys 2015-02-23 00:43 . 2015-01-07 01:49 159232 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2015-02-23 00:43 . 2015-01-07 03:15 104896 ----a-w- c:\windows\system32\drivers\mup.sys 2015-02-23 00:43 . 2015-01-07 03:04 12800 ----a-w- c:\windows\system32\drivers\en-US\mup.sys.mui 2015-02-23 00:30 . 2015-02-23 00:30 -------- d-----w- c:\programdata\360SD 2015-02-23 00:25 . 2015-02-23 11:31 -------- d-----w- C:\$360Section 2015-02-23 00:05 . 2015-02-23 11:31 -------- d-----w- c:\programdata\360Quarant 2015-02-23 00:05 . 2015-02-23 00:37 -------- d-----w- c:\users\Jonas\AppData\Roaming\360safe 2015-02-23 00:00 . 2015-02-23 00:05 -------- d-----w- c:\programdata\360TotalSecurity 2015-02-23 00:00 . 2015-02-23 11:33 -------- d-----w- c:\programdata\360safe 2015-02-23 00:00 . 2015-02-12 13:35 314448 ----a-w- c:\windows\system32\drivers\360fsflt.sys 2015-02-23 00:00 . 2015-02-23 00:00 -------- d-----r- C:\360SANDBOX 2015-02-23 00:00 . 2015-02-12 13:35 305736 ----a-w- c:\windows\system32\drivers\360Box64.sys 2015-02-23 00:00 . 2015-02-12 13:35 40520 ----a-w- c:\windows\system32\drivers\360Camera64.sys 2015-02-23 00:00 . 2015-02-12 13:35 100424 ----a-w- c:\windows\system32\drivers\360AntiHacker64.sys 2015-02-23 00:00 . 2015-02-12 13:35 180816 ----a-w- c:\windows\system32\drivers\BAPIDRV64.SYS 2015-02-23 00:00 . 2015-02-12 13:35 77896 ----a-w- c:\windows\system32\drivers\360AvFlt.sys 2015-02-23 00:00 . 2015-02-23 00:00 -------- d-----w- c:\program files (x86)\360 2015-02-21 22:07 . 2015-02-23 00:26 -------- d-----w- c:\program files (x86)\BorderlineFunc 2015-02-21 22:07 . 2015-02-23 02:15 -------- d-----w- c:\program files (x86)\Ask the Gooru 2015-02-21 15:28 . 2015-02-21 15:28 -------- d-----w- c:\program files (x86)\ESET 2015-02-21 05:45 . 2015-02-23 19:30 -------- d-----w- c:\program files (x86)\DuckDNSUpdater 2015-02-21 02:26 . 2015-02-21 02:26 73840 ----a-w- c:\program files (x86)\Mozilla Firefox\wow_helper.exe 2015-02-21 02:03 . 2015-02-21 02:03 -------- d-----w- c:\program files (x86)\ERUNT 2015-02-20 22:41 . 2015-02-20 22:49 -------- d-----w- c:\users\Jonas\AppData\Local\DotNet Resolver 2015-02-20 12:49 . 2015-01-29 09:07 11910896 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{1A49F7E7-994D-4C6E-A447-CEDE6B7DC952}\mpengine.dll 2015-02-19 21:59 . 2015-02-19 21:59 -------- d-----w- c:\program files (x86)\GMT-MAX.ORG 2015-02-19 21:44 . 2015-02-19 21:44 -------- d-----w- c:\program files (x86)\Origin Games 2015-02-19 21:43 . 2015-02-19 21:46 -------- d-----w- c:\users\Jonas\AppData\Roaming\Origin 2015-02-19 21:43 . 2015-02-19 21:44 -------- d-----w- c:\users\Jonas\AppData\Local\Origin 2015-02-19 20:45 . 2015-02-19 20:45 -------- d-----w- c:\users\Jonas\jagexcache 2015-02-19 20:14 . 2015-02-23 19:36 129752 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-02-19 20:13 . 2014-11-21 05:14 63704 ----a-w- c:\windows\system32\drivers\mwac.sys 2015-02-19 20:13 . 2014-11-21 05:14 93400 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-02-19 20:13 . 2014-11-21 05:14 25816 ----a-w- c:\windows\system32\drivers\mbam.sys 2015-02-19 20:13 . 2015-02-19 20:13 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware 2015-02-19 20:00 . 2015-02-23 07:34 -------- d-----w- C:\AdwCleaner 2015-02-19 18:20 . 2015-02-19 18:20 -------- d-----w- c:\users\Jonas\AppData\Local\Steam 2015-02-15 15:40 . 2015-02-15 15:40 605552 ----a-w- c:\windows\system32\winload.bak 2015-02-15 15:40 . 2015-02-15 15:40 5554112 ----a-w- c:\windows\system32\ntoskrnl.bak 2015-02-15 15:39 . 2015-02-15 15:39 -------- d-----w- C:\Crash 2015-02-15 15:36 . 2015-02-15 15:36 -------- d-----w- c:\users\Jonas\AppData\Local\SCE 2015-02-14 23:35 . 2015-02-22 16:39 -------- d-----w- c:\program files (x86)\Origin 2015-02-14 22:05 . 2015-02-14 22:05 -------- d-----w- c:\programdata\FlyVPN 2015-02-13 22:56 . 2015-02-13 23:06 -------- d-----w- C:\shitshow 2015-02-13 15:10 . 2015-01-23 04:42 814080 ----a-w- c:\windows\system32\jscript9diag.dll 2015-02-13 15:10 . 2015-01-23 04:41 6041600 ----a-w- c:\windows\system32\jscript9.dll 2015-02-13 15:10 . 2015-01-23 03:43 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll 2015-02-13 15:10 . 2015-01-23 03:17 4300800 ----a-w- c:\windows\SysWow64\jscript9.dll 2015-02-12 20:04 . 2015-02-21 19:57 -------- d-----w- c:\users\Jonas\AppData\Local\DarkN3ss.com 2015-02-11 09:24 . 2015-01-15 08:06 60416 ----a-w- c:\windows\system32\msobjs.dll 2015-02-11 09:23 . 2015-01-09 02:03 3201536 ----a-w- c:\windows\system32\win32k.sys 2015-02-08 01:33 . 2015-02-19 20:59 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys 2015-02-08 01:33 . 2015-02-08 01:33 -------- d-----w- c:\programdata\RogueKiller 2015-02-08 01:28 . 2015-02-21 21:38 -------- d-----w- C:\FRST 2015-02-04 21:56 . 2015-02-04 21:56 -------- d-----w- c:\program files\AutoHotkey 2015-02-04 00:15 . 2015-02-04 00:16 -------- d-----w- c:\program files (x86)\Mod Organizer 2015-02-03 22:39 . 2015-02-05 13:21 -------- d-----w- c:\users\Jonas\AppData\Local\Skyrim 2015-02-03 22:39 . 2015-02-03 22:39 -------- d-----w- c:\users\Jonas\AppData\Local\Black_Tree_Gaming 2015-02-03 22:38 . 2015-02-03 22:38 -------- d-----w- c:\program files\Nexus Mod Manager 2015-02-03 22:12 . 2015-02-21 02:41 -------- d-----w- c:\program files (x86)\The Elder Scrolls V Skyrim 2015-02-01 18:43 . 2015-02-01 18:43 -------- d-----w- c:\program files (x86)\GPU-Z 2015-01-30 09:57 . 2015-02-09 21:26 -------- d-----w- c:\users\Jonas\AppData\Roaming\NVIDIA 2015-01-29 23:21 . 2015-01-29 23:21 -------- d-----w- C:\W32Dasm 2015-01-29 16:51 . 2015-01-30 08:24 -------- d-----w- c:\program files (x86)\InnerSpace 2015-01-28 10:47 . 2015-01-28 10:56 -------- d-----w- c:\users\Jonas\AppData\Roaming\NulledIO 2015-01-28 09:09 . 2015-01-28 09:09 236080 ----a-w- c:\windows\RegBootClean64.exe 2015-01-28 08:53 . 2013-09-28 02:56 285208 ----a-w- c:\windows\system32\drivers\tmcomm.sys 2015-01-27 23:37 . 2015-01-27 23:37 -------- d-----w- c:\program files (x86)\Microsoft ASP.NET 2015-01-26 21:48 . 2015-01-26 21:49 -------- d-----w- c:\users\Jonas\AppData\Local\NVIDIA 2015-01-26 21:48 . 2015-01-16 06:41 1316184 ----a-w- c:\windows\SysWow64\nvspbridge.dll 2015-01-26 21:48 . 2015-01-16 06:41 1278920 ----a-w- c:\windows\SysWow64\nvspcap.dll 2015-01-26 21:48 . 2015-01-16 06:41 1756424 ----a-w- c:\windows\system32\nvspbridge64.dll 2015-01-26 21:48 . 2015-01-16 06:41 1514528 ----a-w- c:\windows\system32\nvspcap64.dll 2015-01-26 21:48 . 2015-01-09 22:27 621200 ----a-w- c:\windows\SysWow64\nvStreaming.exe 2015-01-26 21:48 . 2015-01-26 21:48 -------- d-----w- c:\windows\SysWow64\NV 2015-01-26 21:48 . 2015-01-26 21:48 -------- d-----w- c:\windows\system32\NV 2015-01-26 21:26 . 2015-01-09 23:30 6860432 ----a-w- c:\windows\system32\nvcpl.dll 2015-01-26 21:26 . 2015-01-09 23:30 3517256 ----a-w- c:\windows\system32\nvsvc64.dll 2015-01-26 21:26 . 2015-01-09 23:29 935056 ----a-w- c:\windows\system32\nvvsvc.exe 2015-01-26 21:26 . 2015-01-09 23:29 2558608 ----a-w- c:\windows\system32\nvsvcr.dll 2015-01-26 21:26 . 2015-01-09 23:29 75080 ----a-w- c:\windows\system32\nv3dappshextr.dll 2015-01-26 21:26 . 2015-01-09 23:29 62608 ----a-w- c:\windows\system32\nvshext.dll 2015-01-26 21:26 . 2015-01-09 23:29 385352 ----a-w- c:\windows\system32\nvmctray.dll 2015-01-26 21:26 . 2015-01-09 23:29 1097872 ----a-w- c:\windows\system32\nv3dappshext.dll 2015-01-26 21:26 . 2015-01-09 19:47 4173527 ----a-w- c:\windows\system32\nvcoproc.bin 2015-01-26 20:04 . 2015-01-26 20:04 -------- d-----w- C:\NVIDIA . . . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-02-23 00:38 . 2014-08-26 06:30 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-02-23 00:38 . 2014-08-26 06:30 701616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-02-20 04:48 . 2014-01-03 23:23 605552 ----a-w- c:\windows\system32\winload.exe 2015-02-12 07:26 . 2014-01-03 23:33 116773704 ----a-w- c:\windows\system32\MRT.exe 2015-01-10 08:07 . 2013-12-10 14:32 994712 ----a-w- c:\windows\system32\nvumdshimx.dll 2015-01-10 08:07 . 2013-12-10 14:32 877488 ----a-w- c:\windows\SysWow64\nvumdshim.dll 2015-01-10 08:07 . 2013-12-10 14:32 177624 ----a-w- c:\windows\system32\nvinitx.dll 2015-01-10 08:07 . 2013-12-10 14:32 164568 ----a-w- c:\windows\SysWow64\nvinit.dll 2015-01-10 08:07 . 2013-12-10 14:32 14115944 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2015-01-10 08:07 . 2013-12-10 14:32 3298816 ----a-w- c:\windows\system32\nvapi64.dll 2014-12-30 09:35 . 2014-12-30 09:35 177832 ----a-w- c:\windows\system32\drivers\rzudd.sys 2014-12-30 09:28 . 2014-12-30 09:28 990720 ----a-w- c:\windows\SysWow64\rzdevicedll.dll 2014-12-30 09:28 . 2014-12-30 09:28 78848 ----a-w- c:\windows\SysWow64\rzvirtualdev.dll 2014-12-30 09:28 . 2014-12-30 09:28 89088 ----a-w- c:\windows\SysWow64\rzdevinfo.dll 2014-12-30 09:28 . 2014-12-30 09:28 155136 ----a-w- c:\windows\SysWow64\rztouchdll.dll 2014-12-30 09:28 . 2014-12-30 09:28 117248 ----a-w- c:\windows\SysWow64\rzdisplaydll.dll 2014-12-30 09:28 . 2014-12-30 09:28 419840 ----a-w- c:\windows\SysWow64\rzaudiodll.dll 2014-12-22 23:41 . 2010-11-21 03:27 298120 ------w- c:\windows\system32\MpSigStub.exe 2014-12-19 03:22 . 2014-12-19 03:22 9728 ----a-w- c:\windows\SysWow64\RzStats.IPC.dll 2014-12-19 03:06 . 2015-01-14 08:03 210432 ----a-w- c:\windows\system32\profsvc.dll 2014-12-19 01:46 . 2015-01-14 08:02 141312 ----a-w- c:\windows\system32\drivers\mrxdav.sys 2014-12-11 17:47 . 2015-01-14 08:03 62976 ----a-w- c:\windows\system32\TSWbPrxy.exe 2014-12-10 20:43 . 2015-01-20 20:19 129600 ----a-w- c:\windows\system32\drivers\rzpnk.sys 2014-12-09 22:21 . 2015-01-20 20:18 37184 ----a-w- c:\windows\system32\drivers\rzpmgrk.sys 2014-12-07 20:37 . 2014-12-07 20:37 6231552 ----a-r- c:\users\Jonas\AppData\Roaming\Microsoft\Installer\{6D8FB164-2A7D-43B2-A59E-E16BF568ACB0}\DesktopIcon.exe 2014-12-06 04:17 . 2015-01-14 08:02 303616 ----a-w- c:\windows\system32\nlasvc.dll 2014-12-06 03:50 . 2015-01-14 08:02 52224 ----a-w- c:\windows\SysWow64\nlaapi.dll 2014-12-06 03:50 . 2015-01-14 08:02 156672 ----a-w- c:\windows\SysWow64\ncsi.dll . . ((((((((((((((((((((((((((((((((((( Start steder i reg.basen )))))))))))))))))))))))))))))))))))))))))))))))) . . *Bemærk* tomme linier & lovlige standard linier vises ikke REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-11-26 11:19 233128 ----a-w- c:\users\Jonas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-11-26 11:19 233128 ----a-w- c:\users\Jonas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-11-26 11:19 233128 ----a-w- c:\users\Jonas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\SkyDriveShell.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2014-11-12 00:41 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2014-11-12 00:41 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2014-11-12 00:41 1729744 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 152544 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt.25.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 64792 ----a-w- c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "Sound Blaster Recon3Di Control Panel"="c:\program files (x86)\Creative\Sound Blaster Recon3Di\Sound Blaster Recon3Di Control Panel\SBRcni.exe" [2011-12-21 880640] "QHSafeTray"="c:\program files (x86)\360\Total Security\safemon\QHSafeTray.exe" [2015-02-12 1208944] . c:\users\Jonas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Jonas\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2015-2-11 42555824] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "TaskbarNoThumbnail"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Notification Packages REG_MULTI_SZ scecli c:\program files\ThinkPad\Bluetooth Software\BtwProximityCP.dll . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 360AvFlt;360AvFlt mini-filter driver;c:\windows\system32\DRIVERS\360AvFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360AvFlt.sys [x] R3 ALSysIO;ALSysIO;c:\users\Jonas\AppData\Local\Temp\ALSysIO64.sys;c:\users\Jonas\AppData\Local\Temp\ALSysIO64.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x] R3 GDPkIcpt;GDPkIcpt;c:\windows\system32\drivers\PktIcpt.sys;c:\windows\SYSNATIVE\drivers\PktIcpt.sys [x] R3 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] R3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x] R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x] R3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x] R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 tsusbhub;tsusbhub;tsusbhub [x] R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x] R4 ActivControl;Activcontrol;c:\program files\Activ Software\ActivDriver\ActivControlsvc.exe;c:\program files\Activ Software\ActivDriver\ActivControlsvc.exe [x] R4 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x] R4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x] R4 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x] R4 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x] R4 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x] R4 CtHdaSvc;Sound Core3D Service;c:\windows\sysWow64\CtHdaSvc.exe;c:\windows\sysWow64\CtHdaSvc.exe [x] R4 GingerUpdateService;GingerUpdateService;c:\program files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe;c:\program files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe [x] R4 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x] R4 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x] R4 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x] R4 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x] R4 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x] R4 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x] R4 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x] R4 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x] R4 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x] R4 Qualcomm Atheros Killer Service;Qualcomm Atheros Killer Service;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe;c:\program files\Qualcomm Atheros\Killer Network Manager\BFNService.exe [x] R4 Razer Game Scanner Service;Razer Game Scanner;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe;c:\program files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [x] R4 RUBotSrv;Trend Micro RUBotted Service;c:\program files (x86)\Trend Micro\RUBotted\RUBotSrv.exe;c:\program files (x86)\Trend Micro\RUBotted\RUBotSrv.exe [x] R4 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x] R4 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R4 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x] R4 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x] R4 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x] S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x] S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x] S1 360Box64;360Box mini-filter driver;c:\windows\system32\DRIVERS\360Box64.sys;c:\windows\SYSNATIVE\DRIVERS\360Box64.sys [x] S1 360Camera;360Safe Camera Filter Service;c:\windows\system32\Drivers\360Camera64.sys;c:\windows\SYSNATIVE\Drivers\360Camera64.sys [x] S1 360FsFlt;360FsFlt mini-filter driver;c:\windows\system32\DRIVERS\360FsFlt.sys;c:\windows\SYSNATIVE\DRIVERS\360FsFlt.sys [x] S1 BAPIDRV;BAPIDRV;c:\windows\system32\DRIVERS\BAPIDRV64.sys;c:\windows\SYSNATIVE\DRIVERS\BAPIDRV64.sys [x] S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x] S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x] S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x] S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x] S2 ClickToRunSvc;Microsoft Office-tjenesten Klik og kør;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x] S2 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x] S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x] S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x] S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x] S2 QHActiveDefense;360 Total Security;c:\program files (x86)\360\Total Security\safemon\QHActiveDefense.exe;c:\program files (x86)\360\Total Security\safemon\QHActiveDefense.exe [x] S2 rzpmgrk;rzpmgrk;c:\windows\system32\drivers\rzpmgrk.sys;c:\windows\SYSNATIVE\drivers\rzpmgrk.sys [x] S2 rzpnk;rzpnk;c:\windows\system32\drivers\rzpnk.sys;c:\windows\SYSNATIVE\drivers\rzpnk.sys [x] S3 360AntiHacker;360Safe Anti Hacker Service;c:\windows\system32\Drivers\360AntiHacker64.sys;c:\windows\SYSNATIVE\Drivers\360AntiHacker64.sys [x] S3 Ak27x64;Killer Wireless-N 1102 device driver;c:\windows\system32\DRIVERS\Ak27x64.sys;c:\windows\SYSNATIVE\DRIVERS\Ak27x64.sys [x] S3 bcbtums;Bluetooth RAM Firmware Download USB Filter;c:\windows\system32\drivers\bcbtums.sys;c:\windows\SYSNATIVE\drivers\bcbtums.sys [x] S3 btwampfl;btwampfl Bluetooth filter driver;c:\windows\system32\drivers\btwampfl.sys;c:\windows\SYSNATIVE\drivers\btwampfl.sys [x] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x] S3 cthda;Sound Core3D(CtHda.sys);c:\windows\system32\drivers\cthda.sys;c:\windows\SYSNATIVE\drivers\cthda.sys [x] S3 dcdbas;System Management Driver;c:\windows\system32\DRIVERS\dcdbas64.sys;c:\windows\SYSNATIVE\DRIVERS\dcdbas64.sys [x] S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x] S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x] S3 L1C;NDIS Miniport Driver for Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x] S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x] S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x] S3 rzudd;Razer Mouse Driver;c:\windows\system32\DRIVERS\rzudd.sys;c:\windows\SYSNATIVE\DRIVERS\rzudd.sys [x] S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x] . . --- Andre Services/Drivers i Hukommelsen --- . *NewlyCreated* - MBAMSWISSARMY *NewlyCreated* - MBAMWEBACCESSCONTROL . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] iissvcs REG_MULTI_SZ w3svc was apphost REG_MULTI_SZ apphostsvc . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-02-23 07:54 1084744 ----a-w- c:\program files (x86)\Google\Chrome\Application\40.0.2214.115\Installer\chrmstp.exe . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1] @="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}" [HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}] 2014-12-19 14:57 1039008 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2] @="{853B7E05-C47D-4985-909A-D0DC5C6D7303}" [HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}] 2014-12-19 14:57 1039008 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3] @="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}" [HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}] 2014-12-19 14:57 1039008 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1] @="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}" [HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}] 2014-11-26 11:19 260776 ----a-w- c:\users\Jonas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2] @="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}" [HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}] 2014-11-26 11:19 260776 ----a-w- c:\users\Jonas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3] @="{BBACC218-34EA-4666-9D7A-C78F2274A524}" [HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}] 2014-11-26 11:19 260776 ----a-w- c:\users\Jonas\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\SkyDriveShell64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)] @="{8BA85C75-763B-4103-94EB-9470F12FE0F7}" [HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}] 2015-01-21 14:03 2334928 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)] @="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" [HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}] 2015-01-21 14:03 2334928 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)] @="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" [HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}] 2015-01-21 14:03 2334928 ----a-w- c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"] @="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"] @="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"] @="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"] @="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}] 2015-02-11 01:12 185824 ----a-w- c:\users\Jonas\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2011-06-13 08:20 75544 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-01-16 2585928] . ------- Yderligere scanning ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.google.com mStart Page = hxxp://www.google.com mLocal Page = c:\windows\SysWOW64\blank.htm mDefault_Page_URL = hxxp://www.google.com uSearchAssistant = www.google.com IE: E&xport to Microsoft Excel - c:\program files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\program files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105 Trusted Zone: clonewarsadventures.com Trusted Zone: dell.com Trusted Zone: freerealms.com Trusted Zone: hola.org Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 193.162.153.164 194.239.134.83 Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL FF - ProfilePath - c:\users\Jonas\AppData\Roaming\Mozilla\Firefox\Profiles\cq3l04rs.default\ . . ------- Fil Associationer ------- . inifile="%SystemRoot%\system32\NOTEPAD.EXE" %1 txtfile="%SystemRoot%\system32\NOTEPAD.EXE" %1 . - - - - TOMME GENVEJE FJERNET - - - - . Wow6432Node-HKLM-Run-<NO NAME> - (no file) c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\DuckDnsUpdater.lnk - c:\program files (x86)\DuckDNSUpdater\DuckDnsUpdater.exe AddRemove-PokkiDownloadHelper - c:\users\Jonas\AppData\Local\Pokki\Download Helper\PokkiDownloadHelper.exe . . . --------------------- LÅSTE REGISTRERINGS NØGLER --------------------- . [HKEY_LOCAL_MACHINE\software\BlueStacks] "SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_16_0_0_305_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.16" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_16_0_0_305.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) @SACL= "Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) @SACL= . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0] @SACL= "Key"="ActionsPane3" "Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Alias] @SACL= @="" "0"="ActionsPane Schema for Add-Ins" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0\Solutions] @SACL= . ------------------------ Andre kørende processer ------------------------ . c:\program files (x86)\Malwarebytes Anti-Malware\mbam.exe c:\program files (x86)\360\Total Security\safemon\QHWatchdog.exe . ************************************************************************** . Gennemført tid: 2015-02-23 20:45:38 - maskinen blev genstartet ComboFix-quarantined-files.txt 2015-02-23 19:45 . Pre-Kørsel: 347.030.224.896 byte ledig Post-Kørsel: 347.526.520.832 byte ledig . - - End Of File - - 8A346F8BD26E3357B2B3DA34F67D32A1 A36C5E4F47E84449FF07ED3517B43A31 I am sure that I closed my Anti-Virus down, but in task manager its still showing, and I cannot end the task then it gives me error.
  5. Nidalee
    This is my personal computer, but its a laptop, so I'm using it at my school. I did close my Anti-Virus, also Malwarebytes, but it wont let me. I dont think my school network would block the download link, as i can access bleepingcomputer just fine. I can also download Rkill with no problems at all. So I dont know what is causing this. I disabled everything Qihoo 360 and Malwarebytes and its still blocked. Thank you very much for helping mee by the way!
  6. Nidalee
    Java did open an empty log, I did this 2 times to be sure that I got a blank document. TFC seemed to clean 9.000 MB of data, so this is great! Combofix seems to be blocked for me? -> Heres an image of the site i get. Also my Malwarebytes cant active the internet protection.
  7. Nidalee
    FRST + Addition FRST.txt Addition.txt
  8. Nidalee
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.2 (02.02.2015:1) OS: Windows 7 Ultimate x64 Ran by Jonas on 21-02-2015 at 15:33:15,43 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 21-02-2015 at 15:37:08,01 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # AdwCleaner v4.111 - Logfile created 21/02/2015 at 15:38:52 # Updated 18/02/2015 by Xplode # Database : 2015-02-18.3 [server] # Operating system : Windows 7 Ultimate Service Pack 1 (x64) # Username : Jonas - JONAS-PC # Running from : C:\Users\Jonas\Desktop\adwcleaner_4.111.exe # Option : Scan ***** [ Services ] ***** ***** [ Files / Folders ] ***** ***** [ Scheduled tasks ] ***** ***** [ Shortcuts ] ***** ***** [ Registry ] ***** ***** [ Web browsers ] ***** -\\ Internet Explorer v11.0.9600.17631 -\\ Mozilla Firefox v35.0 (x86 da) -\\ Google Chrome v40.0.2214.115 -\\ Chromium v ************************* AdwCleaner[R0].txt - [13183 bytes] - [19/02/2015 21:01:07] AdwCleaner[R1].txt - [730 bytes] - [21/02/2015 15:38:52] AdwCleaner[s0].txt - [13850 bytes] - [19/02/2015 21:03:44] ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [848 bytes] ########## Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 21-02-2015 Scan Time: 15:42:32 Logfile: Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.02.21.04 Rootkit Database: v2015.02.20.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Disabled Self-protection: Enabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Jonas Scan Type: Threat Scan Result: Completed Objects Scanned: 454783 Time Elapsed: 41 min, 15 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) ESET found lots of detections that MBAM didnt? Also the cracks are in my recycle bin, but i dont have one on my desktop and my folder is empty. Picture of recycle bin folder: http://gyazo.com/5105c9eb005a4b464374f98bdf01c77e C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$R62RDIL.rar a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RABCLH2.zip a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RBOLIDG.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RBSBKNQ.rar a variant of MSIL/CoinMiner.OV trojan deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RK4FVKD.exe a variant of MSIL/Packed.Confuser.J potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RKXUSXP.zip a variant of MSIL/Packed.Confuser.J potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RLXT52O.zip a variant of Win32/BitCoinMiner.BV potentially unsafe application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RMN3E8S.rar a variant of Win32/TrojanDropper.Agent.PYN trojan deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RMQD74O.zip a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$ROXKMNE.zip a variant of Win32/HackTool.Crack.CX potentially unsafe application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RQL9JNX.rar a variant of Win32/TrojanDropper.Agent.PYN trojan deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RXPVQHI.zip a variant of MSIL/Packed.Confuser.J potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RY2VCW4.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RYKIA2S.rar multiple threats deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RYXNCGU.rar a variant of Win32/TrojanDropper.Agent.PYN trojan deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$REJB04J\NulledIO.Launcher.exe a variant of MSIL/Packed.Confuser.J potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RPT4NGO\Program Files (x86)\ShopperPro\FireFox\content\overlay.js.vir JS/ShopperPro.A potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RPT4NGO\Windows\System32\roboot64.exe.vir a variant of Win64/Systweak.A potentially unwanted application deleted - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RSEC6X6.ORG\The Sims 4 Deluxe Edition\Game\Bin\3dmgame.dll a variant of Win32/Packed.VMProtect.AAA trojan cleaned by deleting - quarantined C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RSEC6X6.ORG\The Sims 4 Deluxe Edition\Game\Bin\rld.dll Win32/HackTool.Crack.CY potentially unsafe application deleted - quarantined C:\Program Files (x86)\Cheat Engine 6.4\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application deleted - quarantined C:\Program Files (x86)\GMT-MAX.ORG\The Sims 4 Deluxe Edition\Game\Bin\rld.dll Win32/HackTool.Crack.CY potentially unsafe application deleted - quarantined C:\Users\Jonas\AppData\Local\Google\Chrome\User Data\Default\File System\007\t\00\00000000 Win32/Somoto.G potentially unwanted application deleted - quarantined C:\Users\Jonas\AppData\Roaming\Main\etPi2NqsbhAsg7zfrR1788w.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined C:\Users\Jonas\AppData\Roaming\NulledIO\SmartCCBot\DebugTool.exe a variant of MSIL/Packed.Confuser.N potentially unwanted application deleted - quarantined C:\Users\Jonas\AppData\Roaming\NulledIO\SmartCCBot\SmartBotUpdater.exe a variant of MSIL/Packed.Confuser.N potentially unwanted application deleted - quarantined C:\Users\Jonas\AppData\Roaming\RefBoost\App\RefBoost.exe a variant of MSIL/Packed.Confuser.J potentially unwanted application deleted - quarantined C:\Users\Jonas\Desktop\best ever\HWID Generator.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined C:\Users\Jonas\Desktop\best ever\rename_me.exe a variant of Win32/Packed.Themida potentially unwanted application deleted - quarantined C:\Users\Jonas\Desktop\bitmine\cudaminer-2014-02-28\x64\cudaminer.exe a variant of Win64/BitCoinMiner.AG potentially unsafe application deleted - quarantined C:\Users\Jonas\Desktop\bitmine\cudaminer-2014-02-28\x86\cudaminer.exe a variant of Win32/BitCoinMiner.BV potentially unsafe application deleted - quarantined C:\Users\Jonas\Desktop\Bullshit\Cry\AegisCrypter.exe a variant of Win32/TrojanDropper.Agent.PYN trojan cleaned by deleting - quarantined C:\Users\Jonas\Dropbox\spsetup124.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application deleted - quarantined C:\Users\Jonas\Dropbox\x64\cudaminer.exe a variant of Win64/BitCoinMiner.AG potentially unsafe application deleted - quarantined C:\Users\Jonas\Dropbox\x86\cudaminer.exe a variant of Win32/BitCoinMiner.BV potentially unsafe application deleted - quarantined
  9. Nidalee
    The Rkill briefly opend as you said. The registry thing worked. Heres the MBAM scan: Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 21-02-2015 Scan Time: 03:06:49 Logfile: Administrator: Yes Version: 2.00.4.1028 Malware Database: v2015.02.20.09 Rootkit Database: v2015.02.20.01 License: Premium Malware Protection: Enabled Malicious Website Protection: Disabled Self-protection: Enabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Jonas Scan Type: Threat Scan Result: Completed Objects Scanned: 454521 Time Elapsed: 33 min, 28 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 11 Backdoor.Agent.LDRGen, C:\Users\Jonas\Desktop\builder_MultiUpload.biz.zip, Quarantined, [d9de7fa1c5c5ae88898c65bfaf53d030], PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RSR512T.exe, Quarantined, [0fa877a9701a3ff7121a3df5e61be719], Trojan.MSIL, C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$R7G1TME.rar, Quarantined, [d8df9e82a7e369cd084049025ea311ef], PUP.Hacktool.Patcher, C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$R4EJFIA.rar, Quarantined, [eec9869a6129ec4a50c00006a45ce51b], Trojan.Onlinegames, C:\$Recycle.Bin\S-1-5-21-2972125048-3700076288-2468679237-1000\$RV0GPG2.7z, Quarantined, [aa0d70b0e5a578be359805f2f40e8779], PUP.Hacktool.Patcher, C:\Users\Jonas\Desktop\Hide\Disable PathGuard\no_ds_pg.exe, Quarantined, [ebcce33dddadf93d2fe19a6ced139d63], Rootkit.Agent, C:\Users\Jonas\Desktop\Hide\HideToolz x32\HideToolz.exe, Quarantined, [4a6d27f96e1cd85e4fba88cd8481c63a], Trojan.BCMiner.Bldr, C:\Users\Jonas\Desktop\yolo\Easy Silent Miner.exe, Quarantined, [4e695cc40387310567251e9905fd9c64], Trojan.MSIL, C:\Users\Jonas\Desktop\yolo\Miner.exe, Quarantined, [9c1b5dc36624e94d653554642ad6718f], Trojan.MSIL, C:\Users\Jonas\Desktop\yolo\Silent Miner\Mining.exe, Quarantined, [7c3b1a0679115cda0f2d3977639e9f61], Backdoor.Agent.STB, C:\Users\Jonas\Desktop\yolo\Silent Miner\Silent Miner.exe, Quarantined, [199e29f76b1fd561dfbecb217b8505fb], Physical Sectors: 0 (No malicious items detected) (end)
  10. Nidalee
    I actually have nothing inside my Downloads folder. As i said before i cleared everything inside it. http://gyazo.com/41e3d9819b0bacabc1f32b64468cc171
  11. Nidalee
    Can you guys help me remove, any crack related program? I really want to get help, and I deleted what I could find.
  12. Nidalee
    I have deleted the torrents + the games. = Download folder cleared. The addition log still shows some task that i dont know what is. FRST.txt Addition.txt
  13. Nidalee
    As i wrote in the topic: I dont think i have anything cracked on my computer, if I do help me get rid of it. Can you locate these folders for me? And as its hard i cant uninstall things so i have to delete the main folder?
  14. Nidalee
    Hello Malwarebytes forum, My computer is really annoying me. I cannot do anything on it.. I dont think i have anything cracked on my computer, if I do help me get rid of it. Symptoms. 1. explorer.exe crashes, when trying to relaunch thru task manager it gives me an error that i do not have enough memory. But i have 12GB ram. 2. Bluescreen of death when virus scanning. 3. When starting computer, I always have to run startup repair to start my computer. 4. random freezes, no admin rights, I dont even have a recycle bin on my desktop its gone out of nowhere. 5. Lots of problems. 6. My keyboard writes 2 times the letters sometimes, I have plugged in another keyboard and the same problem happens. I have been changing the keyboard response, and no change at all. I cant format my PC, I cant system restore, I cant do anything :/ FRST.txt Addition.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.