ComboFix 13-09-04.04 - Ole 05.09.2013 21:41:41.1.8 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.47.1044.18.8092.5883 [GMT 2:00]
Kjører fra: c:\users\Ole\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5}
SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 * Opprettet nytt gjenopprettingspunkt
.
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\windows\SysWow64\frapsvid.dll
F:\install.exe
.
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2013-08-05 til 2013-09-05 )))))))))))))))))))))))))))))))))
.
.
2013-09-05 19:43 . 2013-09-05 19:43 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-09-05 19:02 . 2013-09-05 19:02 -------- d-----w- c:\users\Ole\AppData\Roaming\SUPERAntiSpyware.com
2013-09-05 19:02 . 2013-09-05 19:02 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-09-05 19:02 . 2013-09-05 19:02 -------- d-----w- c:\programdata\SUPERAntiSpyware.com
2013-09-05 18:51 . 2013-09-05 18:51 -------- d-----w- c:\users\Ole\AppData\Roaming\Malwarebytes
2013-09-05 18:51 . 2013-09-05 18:51 -------- d-----w- c:\programdata\Malwarebytes
2013-09-05 18:51 . 2013-09-05 18:51 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2013-09-05 18:51 . 2013-04-04 12:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys
2013-09-05 18:51 . 2013-09-05 18:51 -------- d-----w- c:\users\Ole\AppData\Local\Programs
2013-09-05 18:37 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{3AADC075-9D2B-4DCF-AEE0-94C7E0042AA1}\mpengine.dll
2013-09-04 07:53 . 2013-08-06 08:58 9515512 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-08-30 15:32 . 2013-07-09 06:03 5550528 ----a-w- c:\windows\system32\ntoskrnl.exe
2013-08-30 15:32 . 2013-07-09 05:54 1732032 ----a-w- c:\windows\system32\ntdll.dll
2013-08-30 15:32 . 2013-07-09 05:53 243712 ----a-w- c:\windows\system32\wow64.dll
2013-08-30 15:32 . 2013-07-09 05:03 3968960 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe
2013-08-30 15:32 . 2013-07-09 05:03 3913664 ----a-w- c:\windows\SysWow64\ntoskrnl.exe
2013-08-30 15:32 . 2013-07-09 04:53 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll
2013-08-30 15:32 . 2013-07-09 02:49 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll
2013-08-30 15:32 . 2013-07-09 04:52 5120 ----a-w- c:\windows\SysWow64\wow32.dll
2013-08-30 15:32 . 2013-07-09 02:49 25600 ----a-w- c:\windows\SysWow64\setup16.exe
2013-08-30 15:32 . 2013-07-09 02:49 7680 ----a-w- c:\windows\SysWow64\instnm.exe
2013-08-30 15:32 . 2013-07-09 02:49 2048 ----a-w- c:\windows\SysWow64\user.exe
2013-08-23 18:10 . 2013-08-23 18:10 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{86A51E60-9FA0-4317-AF17-0520D6650E83}\gapaengine.dll
2013-08-18 10:06 . 2013-07-09 05:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-08-17 17:12 . 2013-06-18 14:22 867072 ----a-w- c:\program files (x86)\Mozilla Firefox\uninstall\helper.exe
2013-08-14 06:40 . 2013-07-09 04:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-08-14 06:40 . 2013-07-09 05:51 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-08-08 10:58 . 2013-08-18 10:46 -------- d-----w- c:\users\Gjest
2013-08-07 00:16 . 2013-08-18 12:49 -------- d-----w- c:\windows\system32\MRT
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-08-30 17:15 . 2013-04-10 20:44 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2013-08-30 17:15 . 2013-04-07 21:47 290184 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2013-08-30 17:14 . 2013-04-07 21:47 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2013-08-18 12:48 . 2013-04-07 16:25 78161360 ----a-w- c:\windows\system32\MRT.exe
2013-07-17 05:37 . 2013-04-24 05:27 941720 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-07-09 04:45 . 2013-08-30 15:32 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-06-28 19:04 . 2013-04-08 15:55 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-06-28 19:04 . 2013-04-08 15:55 692104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-06-21 12:06 . 2013-07-02 16:03 572704 ----a-w- c:\windows\system32\NvFBC64.dll
2013-06-21 12:06 . 2013-07-02 16:03 570656 ----a-w- c:\windows\system32\NvIFR64.dll
2013-06-21 12:06 . 2013-07-02 16:03 467232 ----a-w- c:\windows\SysWow64\NvIFR.dll
2013-06-21 12:06 . 2013-07-02 16:03 465184 ----a-w- c:\windows\SysWow64\NvFBC.dll
2013-06-21 12:06 . 2013-07-02 16:03 218592 ----a-w- c:\windows\system32\nvoglshim64.dll
2013-06-21 12:06 . 2013-07-02 16:03 1832224 ----a-w- c:\windows\system32\nvdispco6432049.dll
2013-06-21 12:06 . 2013-07-02 16:03 181488 ----a-w- c:\windows\SysWow64\nvoglshim32.dll
2013-06-21 12:06 . 2013-07-02 16:03 1511712 ----a-w- c:\windows\system32\nvdispgenco6432049.dll
2013-06-21 12:06 . 2013-04-07 16:26 61216 ----a-w- c:\windows\system32\OpenCL.dll
2013-06-21 12:06 . 2013-04-07 16:26 53024 ----a-w- c:\windows\SysWow64\OpenCL.dll
2013-06-12 19:48 . 2013-04-25 17:49 867240 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2013-06-12 19:48 . 2013-04-25 17:49 789416 ----a-w- c:\windows\SysWow64\deployJava1.dll
2013-06-12 19:47 . 2013-04-25 17:49 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EADM"="c:\program files (x86)\Origin\Origin.exe" [2013-08-27 3549528]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2013-08-28 1811880]
"Spotify Web Helper"="c:\users\Ole\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-07-05 1104384]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-08-15 6581488]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2011-05-20 284440]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-03-12 253816]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft Network Inspection;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD Scan Support via UMB;c:\windows\system32\DRIVERS\WSDScan.sys;c:\windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
S0 mv91cons;Marvell 91xx Config Device Driver;c:\windows\system32\DRIVERS\mv91cons.sys;c:\windows\SYSNATIVE\DRIVERS\mv91cons.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 androidusb;ADB Interface Driver;c:\windows\system32\Drivers\androidusb.sys;c:\windows\SYSNATIVE\Drivers\androidusb.sys [x]
S3 CamDrL64;Logitech QuickCam Pro 3000(PID_08B0);c:\windows\system32\DRIVERS\CamDrL64.sys;c:\windows\SYSNATIVE\DRIVERS\CamDrL64.sys [x]
S3 cxbu0x64;OMNIKEY 3x21;c:\windows\system32\DRIVERS\cxbu0x64.sys;c:\windows\SYSNATIVE\DRIVERS\cxbu0x64.sys [x]
S3 IntcDAud;Intel(R) Skjermlyd;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 LVUSBS64;Logitech USB Monitor Filter;c:\windows\system32\DRIVERS\LVUSBS64.sys;c:\windows\SYSNATIVE\DRIVERS\LVUSBS64.sys [x]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\nusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3hub.sys [x]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\DRIVERS\nusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\nusb3xhc.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
--- Andre tjenester/drivere lastet i minnet ---
.
*NewlyCreated* - SASDIFSV
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-09-04 07:54 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.66\Installer\chrmstp.exe
.
Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver)
.
2013-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-07 16:32]
.
2013-09-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-04-07 16:32]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-01-27 1281512]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Tilleggsskanning -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Ole\AppData\Roaming\Mozilla\Firefox\Profiles\zbm3rsc0.default\
.
- - - - TOMME PEKERE FJERNET - - - -
.
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
AddRemove-ESN Sonar-0.70.4 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
.
.
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
.
[HKEY_USERS\S-1-5-21-1133331826-2370071666-1862651635-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-1133331826-2370071666-1862651635-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Tidspunkt ferdig: 2013-09-05 21:44:51
ComboFix-quarantined-files.txt 2013-09-05 19:44
.
Pre-Run: 20 395 495 424 byte ledig
Post-Run: 21 034 721 280 byte ledig
.
- - End Of File - - 1BAF5E03B24A1978764450A86D4FFEBE