ComboFix 11-07-07.06 - Arne Austenå 08.07.2011 8:49.1.2 - x64
Microsoft Windows 7 Ultimate 6.1.7600.0.1252.47.1044.18.4095.2734 [GMT 2:00]
Kjører fra: c:\users\Arne Austenå\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {108DAC43-C256-20B7-BB05-914135DA5160}
SP: Microsoft Security Essentials *Disabled/Updated* {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\system32\no
c:\windows\system32\no\AuthFWSnapIn.Resources.dll
c:\windows\system32\no\AuthFWWizFwk.Resources.dll
c:\windows\SysWow64\no
c:\windows\SysWow64\no\AuthFWSnapIn.Resources.dll
c:\windows\SysWow64\no\AuthFWWizFwk.Resources.dll
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2011-06-08 til 2011-07-08 )))))))))))))))))))))))))))))))))
.
.
2011-07-08 07:58 . 2011-07-07 22:05 -------- d-----w- c:\windows\Panther
2011-07-08 06:53 . 2011-07-08 06:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2011-07-08 06:45 . 2011-05-29 07:11 39984 ----a-w- c:\windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-08 06:45 . 2011-07-08 06:45 -------- d-----w- c:\programdata\Malwarebytes
2011-07-08 06:45 . 2011-07-08 06:45 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2011-07-08 06:45 . 2011-05-29 07:11 25912 ----a-w- c:\windows\system32\drivers\mbam.sys
2011-07-08 04:30 . 2011-07-08 04:30 -------- d-----w- c:\program files (x86)\Microsoft Silverlight
2011-07-08 04:16 . 2011-07-08 04:16 -------- d-----w- c:\windows\system32\SPReview
2011-07-08 04:16 . 2011-07-08 04:16 -------- d-----w- c:\windows\system32\EventProviders
2011-07-07 23:36 . 2011-07-07 23:36 -------- d-----w- c:\program files (x86)\Microsoft.NET
2011-07-07 23:29 . 2011-07-07 23:29 -------- d-----w- c:\windows\SysWow64\Wat
2011-07-07 23:29 . 2011-07-07 23:29 -------- d-----w- c:\windows\system32\Wat
2011-07-07 23:22 . 2010-09-14 06:45 367104 ----a-w- c:\windows\system32\wcncsvc.dll
2011-07-07 23:22 . 2010-09-14 06:07 276992 ----a-w- c:\windows\SysWow64\wcncsvc.dll
2011-07-07 22:56 . 2011-07-08 06:52 -------- d-----w- c:\programdata\boost_interprocess
2011-07-07 22:54 . 2009-09-10 06:28 311808 ----a-w- c:\windows\system32\msv1_0.dll
2011-07-07 22:54 . 2009-09-10 05:52 257024 ----a-w- c:\windows\SysWow64\msv1_0.dll
2011-07-07 22:53 . 2011-07-07 22:53 -------- d-----w- c:\program files\TeamSpeak 3 Client
2011-07-07 22:51 . 2011-07-07 22:52 -------- d-----r- c:\program files (x86)\Skype
2011-07-07 22:51 . 2011-07-07 22:51 -------- d-----w- c:\programdata\Skype
2011-07-07 22:48 . 2011-07-07 22:48 -------- d-----w- c:\program files (x86)\Spotify
2011-07-07 22:42 . 2009-10-10 03:17 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys
2011-07-07 22:41 . 2009-11-25 10:47 99176 ----a-w- c:\windows\SysWow64\PresentationHostProxy.dll
2011-07-07 22:41 . 2009-11-25 10:47 49472 ----a-w- c:\windows\SysWow64\netfxperf.dll
2011-07-07 22:41 . 2009-11-25 10:47 297808 ----a-w- c:\windows\SysWow64\mscoree.dll
2011-07-07 22:41 . 2009-11-25 10:47 295264 ----a-w- c:\windows\SysWow64\PresentationHost.exe
2011-07-07 22:41 . 2009-11-25 10:47 48960 ----a-w- c:\windows\system32\netfxperf.dll
2011-07-07 22:41 . 2009-11-25 10:47 1130824 ----a-w- c:\windows\SysWow64\dfshim.dll
2011-07-07 22:41 . 2009-11-25 10:47 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-07-07 22:41 . 2009-11-25 10:47 444752 ----a-w- c:\windows\system32\mscoree.dll
2011-07-07 22:41 . 2009-11-25 10:47 320352 ----a-w- c:\windows\system32\PresentationHost.exe
2011-07-07 22:41 . 2009-11-25 10:47 1942856 ----a-w- c:\windows\system32\dfshim.dll
2011-07-07 22:41 . 2010-02-23 08:16 294912 ----a-w- c:\windows\system32\browserchoice.exe
2011-07-07 22:33 . 2010-03-04 04:32 243712 ----a-w- c:\windows\system32\drivers\ks.sys
2011-07-07 22:26 . 2011-07-07 22:26 601424 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{65832640-1145-49D8-AA07-ABF2D01EFBC3}\gapaengine.dll
2011-07-07 22:26 . 2011-06-07 08:10 8873296 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{26A1E14E-1D03-4ADE-914E-EECE619172E1}\mpengine.dll
2011-07-07 22:26 . 2010-10-19 20:51 270720 ------w- c:\windows\system32\MpSigStub.exe
2011-07-07 22:24 . 2011-07-07 22:24 -------- d-----w- c:\program files (x86)\Common Files\Java
2011-07-07 22:24 . 2011-07-07 22:24 472808 ----a-w- c:\windows\SysWow64\deployJava1.dll
2011-07-07 22:22 . 2011-04-25 05:32 1896832 ----a-w- c:\windows\system32\drivers\tcpip.sys
2011-07-07 22:21 . 2011-04-27 02:57 102400 ----a-w- c:\windows\system32\drivers\dfsc.sys
2011-07-07 22:21 . 2010-05-05 07:37 483840 ----a-w- c:\windows\system32\StructuredQuery.dll
2011-07-07 22:21 . 2010-05-05 06:46 363520 ----a-w- c:\windows\SysWow64\StructuredQuery.dll
2011-07-07 22:21 . 2011-03-12 12:03 662528 ----a-w- c:\windows\system32\XpsPrint.dll
2011-07-07 22:21 . 2011-03-12 11:31 442880 ----a-w- c:\windows\SysWow64\XpsPrint.dll
2011-07-07 22:19 . 2011-07-07 22:19 -------- d-----w- c:\program files\7-Zip
2011-07-07 22:16 . 2011-02-23 05:15 90624 ----a-w- c:\windows\system32\drivers\bowser.sys
2011-07-07 22:15 . 2011-07-07 22:15 -------- d-----w- c:\program files (x86)\Microsoft Security Client
2011-07-07 22:14 . 2011-07-08 04:30 -------- d-sh--w- c:\windows\Installer
2011-07-07 22:14 . 2011-07-07 22:15 -------- d-----w- c:\program files\Microsoft Security Client
2011-07-07 22:14 . 2010-04-09 11:06 374664 ----a-w- c:\windows\system32\drivers\netio.sys
2011-07-07 22:07 . 2009-12-29 08:03 220672 ----a-w- c:\windows\system32\wintrust.dll
2011-07-07 22:07 . 2009-12-29 06:55 172032 ----a-w- c:\windows\SysWow64\wintrust.dll
2011-07-07 22:07 . 2010-01-09 07:19 139264 ----a-w- c:\windows\system32\cabview.dll
2011-07-07 22:07 . 2010-01-09 06:52 132608 ----a-w- c:\windows\SysWow64\cabview.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-04-27 13:25 . 2011-04-27 13:25 84864 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2011-04-18 11:18 . 2011-04-18 11:18 40832 ----a-w- c:\windows\system32\drivers\MpNWMon.sys
2011-04-18 11:18 . 2011-04-18 11:18 189440 ----a-w- c:\windows\system32\drivers\MpFilter.sys
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-06-15 15141768]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-04-08 254696]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-05-29 449584]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\Antimalware\NisSrv.exe [2011-04-27 288272]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
S3 KoneFltr;ROCCAT Kone;c:\windows\system32\drivers\Kone.sys [x]
S3 MpNWMon;Microsoft Malware Protection Network Driver;c:\windows\system32\DRIVERS\MpNWMon.sys [x]
.
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
.
--------- x86-64 -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2011-06-15 1436736]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.no/
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 130.67.15.198 193.213.112.4
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2011-07-08 08:54:44
ComboFix-quarantined-files.txt 2011-07-08 06:54
.
Pre-Run: 348 631 465 984 byte ledig
Post-Run: 348 614 651 904 byte ledig
.
- - End Of File - - 87077A2E0C5B73DAD4060A7CEC766F91