ComboFix 10-03-08.02 - Renate 09.03.2010 12:55:53.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.47.1044.18.3066.1452 [GMT 1:00]
Kjører fra: c:\users\Renate\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((((((((((((( Andre slettinger )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\windows\Suyin.reg
.
((((((((((((((((((((((((((( Filer Opprettet Fra 2010-02-09 til 2010-03-09 )))))))))))))))))))))))))))))))))
.
2010-03-09 11:26 . 2010-03-09 11:26 -------- d-----w- c:\users\Renate\AppData\Roaming\Malwarebytes
2010-03-09 11:25 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-03-09 11:25 . 2010-03-09 11:25 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-03-09 11:25 . 2010-03-09 11:25 -------- d-----w- c:\programdata\Malwarebytes
2010-03-09 11:25 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-03-09 11:11 . 2010-03-09 11:11 -------- d-----w- c:\users\Renate\AppData\Roaming\Corel
2010-03-09 11:07 . 2010-03-09 11:07 -------- d-----w- c:\program files\Windows Media Components
2010-03-09 11:07 . 2010-03-09 11:08 -------- d-----w- c:\programdata\Ulead Systems
2010-03-09 11:07 . 2010-03-09 11:07 -------- d-----w- c:\program files\Common Files\Ulead Systems
2010-03-09 11:06 . 2010-03-09 11:06 -------- d-----w- c:\program files\Corel
2010-03-09 10:57 . 2010-03-09 10:58 -------- d-----w- c:\program files\Windows Live Safety Center
2010-03-09 10:43 . 2010-03-09 10:43 -------- d-----w- c:\users\Renate\Tracing
2010-03-09 10:42 . 2010-03-09 10:42 -------- d-----w- c:\program files\Microsoft
2010-03-09 10:41 . 2010-03-09 10:41 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-03-09 10:41 . 2010-03-09 10:42 -------- d-----w- c:\program files\Windows Live
2010-03-09 10:39 . 2010-03-09 10:39 -------- d-----w- c:\program files\Common Files\Windows Live
2010-03-09 10:14 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-03-09 10:14 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2010-03-09 10:14 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2010-03-09 10:14 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-03-09 10:14 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2010-03-09 10:14 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2010-03-09 10:14 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2010-03-09 10:11 . 2010-03-09 10:11 -------- d-----w- c:\windows\Sun
2010-03-09 10:10 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2010-03-09 10:10 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2010-03-09 10:10 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2010-03-09 10:09 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2010-03-09 10:09 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2010-03-09 10:01 . 2010-03-09 10:01 -------- d-----w- c:\users\Renate\AppData\Roaming\Yahoo!
2010-03-09 10:01 . 2010-03-09 10:01 -------- d-----w- c:\programdata\Yahoo! Companion
2010-03-09 09:47 . 2010-03-09 09:52 -------- d-----w- c:\programdata\WinZip
2010-03-09 09:43 . 2010-03-09 09:43 -------- d-----w- c:\windows\system32\Adobe
2010-03-09 09:42 . 2010-03-09 09:42 -------- d-----w- c:\program files\Thinking BIG
2010-03-09 09:40 . 2010-03-09 09:40 -------- d-----w- c:\users\Renate\AppData\Roaming\Apple Computer
2010-03-09 09:39 . 2010-03-09 09:39 -------- d-----w- c:\programdata\Apple
2010-03-09 09:38 . 2010-03-09 09:38 -------- d-----w- c:\program files\CCleaner
2010-03-09 09:37 . 2010-03-09 09:37 -------- d-----w- c:\program files\Common Files\Java
2010-03-09 09:36 . 2010-03-09 09:36 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-09 09:36 . 2010-03-09 09:36 -------- d-----w- c:\program files\Java
2010-03-09 08:10 . 2008-03-27 04:14 223288 ----a-w- c:\windows\system32\drivers\netio.sys
2010-03-09 08:08 . 2009-08-07 02:24 44768 ----a-w- c:\windows\system32\wups2.dll
2010-03-09 08:08 . 2009-08-07 02:24 53472 ----a-w- c:\windows\system32\wuauclt.exe
2010-03-09 08:08 . 2009-08-07 02:23 1929952 ----a-w- c:\windows\system32\wuaueng.dll
2010-03-09 08:08 . 2009-08-07 01:45 2421760 ----a-w- c:\windows\system32\wucltux.dll
2010-03-09 08:08 . 2010-03-09 08:08 242568 ----a-w- c:\programdata\avg9\update\backup\avgtdix.sys
2010-03-09 08:08 . 2009-08-07 02:24 35552 ----a-w- c:\windows\system32\wups.dll
2010-03-09 08:08 . 2009-08-07 01:44 87552 ----a-w- c:\windows\system32\wudriver.dll
2010-03-09 08:08 . 2009-08-07 02:23 575704 ----a-w- c:\windows\system32\wuapi.dll
2010-03-09 08:08 . 2009-08-06 18:23 171608 ----a-w- c:\windows\system32\wuwebv.dll
2010-03-09 08:08 . 2009-08-06 17:44 33792 ----a-w- c:\windows\system32\wuapp.exe
2010-03-09 08:06 . 2008-02-22 04:57 295936 ----a-w- c:\windows\system32\gdi32.dll
2010-03-09 08:05 . 2008-02-22 05:01 826880 ----a-w- c:\windows\system32\wininet.dll
2010-03-09 08:04 . 2008-02-29 04:21 2032128 ----a-w- c:\windows\system32\win32k.sys
2010-03-09 08:02 . 2008-02-29 06:35 6656 ----a-w- c:\windows\system32\kbd106n.dll
2010-03-09 08:02 . 2008-02-29 07:14 19000 ----a-w- c:\windows\system32\kd1394.dll
2010-03-09 08:02 . 2008-02-29 06:53 40960 ----a-w- c:\windows\system32\srclient.dll
2010-03-09 08:02 . 2008-02-29 04:12 14848 ----a-w- c:\windows\system32\srdelayed.exe
2010-03-09 08:02 . 2008-02-29 07:11 927288 ----a-w- c:\windows\system32\winresume.exe
2010-03-09 08:02 . 2008-02-29 07:11 988216 ----a-w- c:\windows\system32\winload.exe
2010-03-09 08:02 . 2008-02-29 06:53 378368 ----a-w- c:\windows\system32\srcore.dll
2010-03-09 08:02 . 2008-02-29 06:53 46592 ----a-w- c:\windows\system32\setbcdlocale.dll
2010-03-09 08:02 . 2008-02-29 04:12 318464 ----a-w- c:\windows\system32\rstrui.exe
2010-03-09 08:02 . 2008-02-22 05:05 615992 ----a-w- c:\windows\system32\ci.dll
2010-03-09 08:01 . 2008-05-14 03:01 625152 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2010-03-09 08:00 . 2008-05-08 05:22 323584 ----a-w- c:\windows\system32\untfs.dll
2010-03-09 08:00 . 2008-05-08 02:48 643072 ----a-w- c:\windows\system32\autochk.exe
2010-03-09 08:00 . 2008-02-05 04:21 73216 ----a-w- c:\windows\system32\drivers\usbccgp.sys
2010-03-09 08:00 . 2008-02-05 04:21 226304 ----a-w- c:\windows\system32\drivers\usbport.sys
2010-03-09 08:00 . 2008-02-05 04:21 39424 ----a-w- c:\windows\system32\drivers\usbehci.sys
2010-03-09 08:00 . 2008-02-05 04:21 23552 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2010-03-09 08:00 . 2008-02-05 04:21 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2010-03-09 08:00 . 2008-02-05 04:21 194560 ----a-w- c:\windows\system32\drivers\usbhub.sys
2010-03-09 07:58 . 2008-05-07 05:29 45567769 ----a-w- c:\windows\system32\acer.exe
2010-03-09 07:58 . 2007-04-19 12:41 83554304 ----a-w- c:\windows\system32\acer.scr
2010-03-09 07:58 . 2010-03-09 07:58 -------- d-----w- c:\program files\Acer Incorporated
2010-03-09 07:57 . 2010-03-09 07:58 -------- d-----w- c:\windows\ACER
2010-03-09 07:57 . 2010-03-09 07:57 52872 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
2010-03-09 07:57 . 2010-03-09 07:57 12464 ----a-w- c:\windows\system32\avgrsstx.dll
2010-03-09 07:57 . 2010-03-09 08:08 242696 ----a-w- c:\windows\system32\drivers\avgtdix.sys
2010-03-09 07:57 . 2010-03-09 07:57 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys
2010-03-09 07:57 . 2010-03-09 07:57 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys
2010-03-09 07:57 . 2010-03-09 10:55 -------- d-----w- c:\windows\system32\drivers\Avg
2010-03-09 07:57 . 2010-03-09 07:57 -------- d-----w- c:\programdata\AVG Security Toolbar
2010-03-09 07:56 . 2010-03-09 07:56 24856 ----a-w- c:\windows\system32\drivers\avgfwd6x.sys
2010-03-09 07:56 . 2010-03-09 07:56 -------- d-----w- c:\programdata\avg9
2010-03-09 07:56 . 2010-03-09 07:56 -------- d-----w- c:\program files\AVG
2010-03-09 07:55 . 2008-01-16 17:35 82432 ----a-w- c:\windows\system32\msxml4r.dll
2010-03-09 07:55 . 2008-01-16 17:35 44544 ----a-w- c:\windows\system32\msxml4a.dll
2010-03-09 07:55 . 2008-01-16 17:35 1233920 ----a-w- c:\windows\system32\msxml4.dll
2010-03-09 07:53 . 2010-03-09 07:53 -------- d-----w- c:\users\Renate\AppData\Local\PlayMovie
2010-03-09 07:52 . 2010-03-09 07:52 -------- d-----w- c:\users\Renate\AppData\Local\PowerCinema
2010-03-09 07:51 . 2010-03-09 07:53 -------- d-----w- c:\programdata\CyberLink
2010-03-09 07:48 . 2010-03-09 07:55 -------- d-----w- c:\program files\Acer Arcade Deluxe
2010-03-09 07:46 . 2010-03-09 07:46 1548099 ----a-w- c:\windows\system32\VMC3KAPI.dll
2010-03-09 07:46 . 2010-03-09 07:46 114688 ----a-w- c:\windows\system32\VCryptAPI.dll
2010-03-09 07:46 . 2010-03-09 07:46 23040 ----a-w- c:\windows\system32\ShlCmd.exe
2010-03-09 07:45 . 2010-03-09 07:45 5632 ----a-w- c:\windows\system32\biologon.dll
2010-03-09 07:45 . 2010-03-09 07:45 43184 ----a-w- c:\windows\system32\drivers\AlfaFF.sys
2010-03-09 07:45 . 2010-03-09 07:45 331776 ----a-w- c:\windows\system32\DrvCrypt.dll
2010-03-09 07:45 . 2010-03-09 07:45 16384 ----a-w- c:\windows\system32\AlfaFF.dll
2010-03-09 07:45 . 2010-03-09 07:45 189952 ----a-w- c:\windows\system32\PBAGUI.dll
2010-03-09 07:45 . 2010-03-09 07:45 208896 ----a-w- c:\windows\system32\ATSC70PBA.dll
2010-03-09 07:45 . 2008-04-25 09:31 146688 ----a-w- c:\windows\system32\drivers\atswpdrv.sys
2010-03-09 07:45 . 2010-03-09 07:45 -------- d-----w- c:\program files\Fingerprint Sensor
2010-03-09 07:45 . 2010-03-09 07:45 -------- d-----w- c:\windows\Downloaded Installations
2010-03-09 07:44 . 2010-03-09 07:54 -------- d-----r- c:\users\Renate\Hjemmesidene pluss tillegg
2010-03-09 07:43 . 2010-03-09 07:43 -------- d-----w- c:\program files\Acer Inc
2010-03-09 07:42 . 2008-05-20 08:57 262144 ----a-w- c:\windows\Acer Crystal Eye webcam.EXE
2010-03-09 07:42 . 2007-10-23 09:56 200704 ----a-w- c:\windows\PLFSetI.exe
2010-03-09 07:42 . 2007-03-29 15:48 626688 ----a-w- c:\windows\Image.dll
2010-03-09 07:42 . 2010-03-09 07:42 -------- d-----w- c:\users\Renate\AppData\Roaming\InstallShield
2010-03-09 07:39 . 2008-02-12 05:19 233472 ----a-w- c:\windows\system32\BtwRSupport.dll
2010-03-09 07:39 . 2010-03-09 07:39 -------- d-----w- c:\windows\system32\es-MX
2010-03-09 07:39 . 2010-03-09 07:39 -------- d-----w- c:\windows\system32\es-AR
2010-03-09 07:39 . 2010-03-09 07:39 -------- d-----w- c:\program files\WIDCOMM
2010-03-09 07:38 . 2010-03-09 09:36 -------- d-----w- c:\users\Renate\AppData\Local\Adobe
2010-03-09 07:37 . 2010-03-09 07:37 -------- d-----w- c:\program files\Launch Manager
2010-03-09 07:37 . 2010-03-09 07:37 -------- d-----w- c:\programdata\NVIDIA
2010-03-09 07:36 . 2010-03-09 11:13 73640 ----a-w- c:\users\Renate\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-09 07:36 . 2010-03-09 07:36 -------- d-----w- c:\users\Renate\AppData\Local\VirtualStore
2010-03-09 07:32 . 2010-03-09 07:32 -------- d-sh--we c:\users\Default\Start-meny
2010-03-09 06:26 . 2010-03-09 06:26 -------- d-----w- c:\windows\system32\NOR
2010-03-09 06:26 . 2010-03-09 06:26 -------- d-----w- c:\windows\system32\Lang
2010-03-09 06:26 . 2008-04-18 12:29 1034776 ----a-w- c:\windows\system32\imsmudlg.exe
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-09 12:27 . 2010-03-09 07:36 27934 ----a-w- c:\programdata\nvModes.dat
2010-03-09 12:16 . 2008-01-21 06:14 76478 ----a-w- c:\windows\system32\perfc014.dat
2010-03-09 12:16 . 2008-01-21 06:14 452326 ----a-w- c:\windows\system32\perfh014.dat
2010-03-09 09:40 . 2010-03-09 09:40 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-03-09 09:40 . 2010-03-09 09:40 -------- d-----w- c:\program files\iTunes
2010-03-09 09:40 . 2010-03-09 09:40 -------- d-----w- c:\program files\iPod
2010-03-09 09:40 . 2010-03-09 09:39 -------- d-----w- c:\program files\Common Files\Apple
2010-03-09 09:40 . 2010-03-09 09:39 -------- d-----w- c:\programdata\Apple Computer
2010-03-09 09:39 . 2010-03-09 09:39 -------- d-----w- c:\program files\Bonjour
2010-03-09 09:39 . 2010-03-09 09:39 -------- d-----w- c:\program files\QuickTime
2010-03-09 09:39 . 2010-03-09 09:39 -------- d-----w- c:\program files\Apple Software Update
2010-03-09 08:15 . 2008-04-20 15:16 -------- d-----w- c:\programdata\McAfee
2010-03-09 08:13 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-03-09 08:12 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-03-09 07:57 . 2008-04-20 15:05 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-03-09 07:45 . 2008-04-20 15:15 -------- d-----w- c:\program files\Acer
2010-03-09 07:41 . 2008-04-20 15:17 -------- d-----w- c:\programdata\SiteAdvisor
2010-03-09 07:32 . 2010-03-09 07:32 -------- d-sh--we c:\programdata\Start-meny
2010-03-09 07:32 . 2010-03-09 07:32 -------- d-sh--we c:\programdata\Skrivebord
2010-03-09 07:32 . 2010-03-09 07:32 -------- d-sh--we c:\programdata\Programdata
2010-03-09 07:32 . 2010-03-09 07:32 -------- d-sh--we c:\programdata\Maler
2010-03-09 07:32 . 2010-03-09 07:32 -------- d-sh--we c:\programdata\Favoritter
2010-03-09 07:32 . 2010-03-09 07:32 -------- d-sh--we c:\programdata\Dokumenter
2010-03-09 07:32 . 2010-03-09 07:32 -------- d-sh--we c:\program files\Fellesfiler
2010-03-09 06:26 . 2008-04-20 15:01 -------- d-----w- c:\program files\Intel
.
(((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Merk* tomme oppføringer & gyldige standardoppføringer vises ikke
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{A3BC75A2-1F87-4686-AA43-5347D756017C}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]
[HKEY_CLASSES_ROOT\clsid\{a3bc75a2-1f87-4686-aa43-5347d756017c}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2010-02-23 13:04 1664256 ----a-w- c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{CCC7A320-B3CA-4199-B1A6-9F516DD69829}"= "c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll" [2010-02-23 1664256]
[HKEY_CLASSES_ROOT\clsid\{ccc7a320-b3ca-4199-b1a6-9f516dd69829}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-03-04 21:38 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 2153472]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"RtHDVCpl"="RtHDVCpl.exe" [2008-04-28 6111232]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-01-18 1033512]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-04-23 397312]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-03-04 526896]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-03-07 544768]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-04-21 13535776]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-04-21 92704]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-04-15 178712]
"WarReg_PopUp"="c:\program files\Acer\WR_PopUp\WarReg_PopUp.exe" [2008-01-29 303104]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-07-02 821768]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"ZPdtWzdVitaKey MC3000"="c:\program files\Acer\Acer Bio Protection\PdtWzd.exe" [2010-03-09 3607040]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-05-12 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-05-12 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-05-12 167936]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-02-15 141608]
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-2-12 723496]
WinZip Quick Pick.lnk - c:\program files\WinZip\WZQKPICK.EXE [2009-11-18 495432]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\AWinNotifyVitaKey MC3000]
2010-03-09 07:46 2972160 ----a-w- c:\program files\Acer\Acer Bio Protection\WinNotify.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
R3 A310;AVerMedia A310 DVB-T;c:\windows\system32\DRIVERS\AVerA310USB.sys [2008-04-15 25856]
R3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\AVG\AVG9\Toolbar\ToolbarBroker.exe [2010-02-23 369920]
R3 BDASwCap;AVerMedia A310 BDA DVBT Capture Device;c:\windows\system32\drivers\AVerA310Cap.sys [2008-04-15 42880]
S0 AlfaFF;AlfaFF File System mini-filter;c:\windows\system32\Drivers\AlfaFF.sys [2010-03-09 43184]
S0 AvgRkx86;avgrkx86.sys;c:\windows\System32\Drivers\avgrkx86.sys [2010-03-09 52872]
S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6x.sys [2010-03-09 24856]
S1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2010-03-09 216200]
S1 AvgTdiX;AVG Network Redirector;c:\windows\system32\Drivers\avgtdix.sys [2010-03-09 242696]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-05-09 61424]
S2 avg9emc;AVG E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [2010-03-09 916760]
S2 avg9wd;AVG WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [2010-03-09 308064]
S2 avgfws9;AVG Firewall;c:\program files\AVG\AVG9\avgfws9.exe [2010-03-09 2325816]
S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-01-16 81504]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-03-21 24576]
S2 IGBASVC;iGroupTec Service;c:\program files\Acer\Acer Bio Protection\BASVC.exe [2010-03-09 3471360]
S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
S2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-01-16 122368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\b57nd60x.sys [2008-03-28 210432]
S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-04-21 81296]
S3 NETw5v32;Intel(R) Wireless WiFi Link-kortdriver for Windows Vista 32-bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-04-27 3658752]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-04-21 43552]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
.
.
------- Tilleggsskanning -------
.
uStart Page = hxxp://startsiden.no/
mStart Page = hxxp://no.intl.acer.yahoo.com
uInternet Settings,ProxyOverride = *.local
IE: Send bilde til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send side til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - c:\program files\AVG\AVG9\Toolbar\IEToolbar.dll
.
- - - - TOMME PEKERE FJERNET - - - -
HKCU-Run-Corel Photo Downloader - c:\program files\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
HKLM-Run-eRecoveryService - (no file)
AddRemove-AVerMedia A310 (MiniCard, DVB-T) - c:\program files\AVerMedia\AVerMedia A310 (MiniCard
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-03-09 13:27
Windows 6.0.6001 Service Pack 1 NTFS
skanner skjulte prosesser ...
skanner skjulte autostart-oppføringer ...
skanner skjulte filer ...
skanning vellykket
skjulte filer: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- LÅSTE REGISTERNØKLER ---------------------
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
"MSCurrentCountry"=dword:000000b5
.
--------------------- DLL'er Lastet Av Kjørende Prosesser ---------------------
- - - - - - - > 'Explorer.exe'(3484)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\system32\btncopy.dll
.
------------------------ Andre Kjørende Prosesser ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\rundll32.exe
c:\program files\Acer\Acer Bio Protection\CompPtcVUI.exe
c:\windows\system32\agrsmsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
c:\program files\AVG\AVG9\avgam.exe
c:\program files\AVG\AVG9\avgnsx.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
c:\program files\AVG\AVG9\avgchsvx.exe
c:\program files\AVG\AVG9\avgrsx.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\program files\Common Files\LightScribe\LSSrvc.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\AVG\AVG9\avgcsrvx.exe
c:\windows\system32\conime.exe
c:\program files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
.
**************************************************************************
.
Tidspunkt ferdig: 2010-03-09 13:31:05 - maskinen ble startet på nytt
ComboFix-quarantined-files.txt 2010-03-09 12:31
Pre-Run: 80 808 267 776 byte ledig
Post-Run: 82 501 111 808 byte ledig
- - End Of File - - 9F7E30C6ACB82D095E8A60F9A914C09A