ComboFix 10-03-17.07 - Bjørn Nielsen 18.03.2010 12:23:14.1.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.47.1044.18.3069.1587 [GMT 1:00] Kjører fra: c:\users\Bjørn Nielsen\Desktop\ComboFix.exe SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Andre slettinger ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\temp c:\program files\temp\HideWin.exe c:\windows\Suyin.reg c:\windows\system32\tmp.reg . ((((((((((((((((((((((((((((((((((((((( Drivere/Tjenester ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Service_iprip ((((((((((((((((((((((((((( Filer Opprettet Fra 2010-02-18 til 2010-03-18 ))))))))))))))))))))))))))))))))) . 2010-03-18 11:29 . 2010-03-18 11:29 -------- d-----w- c:\users\Default\AppData\Local\temp 2010-03-18 11:06 . 2010-01-07 15:07 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-03-18 11:06 . 2010-03-18 11:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-03-18 11:06 . 2010-03-18 11:06 -------- d-----w- c:\programdata\Malwarebytes 2010-03-18 11:06 . 2010-01-07 15:07 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-03-17 09:37 . 2010-03-17 09:37 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2010-03-17 09:36 . 2010-03-17 09:36 -------- d-----w- c:\program files\SUPERAntiSpyware 2010-03-17 09:36 . 2010-03-17 09:36 -------- d-----w- c:\program files\Common Files\Wise Installation Wizard 2010-03-17 09:02 . 2010-03-17 09:02 -------- d-----w- c:\program files\TrendMicro 2010-03-10 11:19 . 2010-03-11 07:38 -------- d-----w- c:\program files\Opera 2010-03-10 06:03 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll 2010-03-10 06:03 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll 2010-03-10 06:03 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys 2010-03-08 06:30 . 2010-02-12 10:32 293376 ----a-w- c:\windows\system32\browserchoice.exe 2010-02-24 08:10 . 2010-01-23 09:26 2048 ----a-w- c:\windows\system32\tzres.dll 2010-02-24 08:10 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll 2010-02-24 08:10 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll 2010-02-24 08:10 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe 2010-02-24 08:10 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll 2010-02-24 08:10 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll 2010-02-24 08:10 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll 2010-02-24 08:10 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe 2010-02-24 08:10 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe 2010-02-24 08:10 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe 2010-02-24 08:09 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-02-24 08:09 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-02-24 08:09 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-02-21 10:11 . 2010-03-18 09:14 -------- d-----w- c:\program files\Satellite Direct . (((((((((((((((((((((((((((((((((((((((( Find3M Rapport )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-03-18 11:30 . 2009-03-09 15:27 12 ----a-w- c:\windows\bthservsdp.dat 2010-03-18 11:23 . 2008-01-21 06:14 524920 ----a-w- c:\windows\system32\perfh014.dat 2010-03-18 11:23 . 2008-01-21 06:14 102174 ----a-w- c:\windows\system32\perfc014.dat 2010-03-18 10:15 . 2010-02-04 18:02 -------- d-----w- c:\program files\eToro 2010-03-17 16:42 . 2009-03-07 14:13 166843 ----a-w- c:\programdata\nvModes.dat 2010-03-10 06:09 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-03-10 06:08 . 2008-11-01 03:45 -------- d-----w- c:\programdata\Microsoft Help 2010-03-01 12:39 . 2009-05-12 09:25 -------- d-----w- c:\programdata\ScanSoft 2010-03-01 12:32 . 2008-11-01 03:09 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-02-24 08:16 . 2009-10-03 10:27 181632 ------w- c:\windows\system32\MpSigStub.exe 2010-02-16 17:29 . 2010-02-15 15:33 -------- d-----w- c:\programdata\TuneUp Software 2010-02-15 15:32 . 2010-02-15 15:32 -------- d-sh--w- c:\programdata\{D3742F82-1C1A-4DCC-ABBD-0E7C3C0185CC} 2010-02-03 06:01 . 2009-03-07 10:11 -------- d-----w- c:\program files\Google 2010-01-21 17:51 . 2009-11-24 13:15 -------- d-----w- c:\program files\Microsoft Silverlight 2010-01-21 17:15 . 2008-11-01 03:43 -------- d-----w- c:\program files\Common Files\Adobe 2010-01-06 15:38 . 2010-02-24 08:09 173056 ----a-w- c:\windows\AppPatch\AcXtrnal.dll 2010-01-06 15:38 . 2010-02-24 08:09 542720 ----a-w- c:\windows\AppPatch\AcLayers.dll 2010-01-06 15:38 . 2010-02-24 08:09 458752 ----a-w- c:\windows\AppPatch\AcSpecfc.dll 2010-01-06 15:38 . 2010-02-24 08:09 2159616 ----a-w- c:\windows\AppPatch\AcGenral.dll 2010-01-02 06:38 . 2010-01-22 15:16 916480 ----a-w- c:\windows\system32\wininet.dll 2010-01-02 06:32 . 2010-01-22 15:16 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-01-02 06:32 . 2010-01-22 15:16 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-01-02 04:57 . 2010-01-22 15:16 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2009-01-15 20:17 . 2009-01-15 20:17 121633321 ----a-w- c:\program files\openofficeorg1.cab 2009-01-15 20:13 . 2009-01-15 20:13 1821008 ----a-w- c:\program files\instmsiw.exe 2009-01-15 20:13 . 2009-01-15 20:13 1707856 ----a-w- c:\program files\instmsia.exe 2009-01-15 20:13 . 2009-01-15 20:13 9298432 ----a-w- c:\program files\openofficeorg30.msi 2009-01-15 20:13 . 2009-01-15 20:13 336 ----a-w- c:\program files\setup.ini . (((((((((((((((((((((((((((((((( Oppstartspunkter I Registeret ))))))))))))))))))))))))))))))))))))))))))))) . . *Merk* tomme oppføringer & gyldige standardoppføringer vises ikke REGEDIT4 [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP] @="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}" [HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}] 2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2009-03-07 68856] "msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2009-11-25 95632] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-10-09 25623336] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2010-02-18 2012912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2008-10-13 6335008] "LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-09-26 854536] "eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896] "eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 544768] "BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-25 28672] "PLFSetI"="c:\windows\PLFSetI.exe" [2008-07-29 200704] "Apoint"="c:\program files\Apoint2K\Apoint.exe" [2007-07-22 159744] "ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-08-01 405504] "ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2009-07-01 152872] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13560352] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 92704] "CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2009-07-01 206120] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2008-10-13 1833504] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-10 417792] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Acer VCM.lnk - c:\program files\Acer\Acer VCM\AcerVCM.exe [2009-3-7 1216512] BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-4-23 727592] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] 2009-09-03 13:21 548352 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" "PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" "TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" -osboot "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):07,8a,82,44,93,33,ca,01 R2 gupdate1c9a9805682870;Googles oppdateringstjeneste (gupdate1c9a9805682870);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-20 133104] R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\RaInfo.sys [x] R3 cxbu0wdm;CardMan 3x21;c:\windows\system32\DRIVERS\cxbu0wdm.sys [2006-10-16 92800] R3 ggflt;SEMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys [2009-07-03 13224] R3 OlyUsbCam;OLYMPUS USB Camera;c:\windows\system32\DRIVERS\OlyUsbCam.sys [x] R3 s3017bus;Sony Ericsson Device 3017 driver (WDM);c:\windows\system32\DRIVERS\s3017bus.sys [2007-12-10 83880] R3 s3017mdfl;Sony Ericsson Device 3017 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s3017mdfl.sys [2007-12-10 15016] R3 s3017mdm;Sony Ericsson Device 3017 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s3017mdm.sys [2007-12-10 110632] R3 s3017mgmt;Sony Ericsson Device 3017 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s3017mgmt.sys [2007-12-10 104616] R3 s3017nd5;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (NDIS);c:\windows\system32\DRIVERS\s3017nd5.sys [2007-12-10 25512] R3 s3017obex;Sony Ericsson Device 3017 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s3017obex.sys [2007-12-10 100648] R3 s3017unic;Sony Ericsson Device 3017 USB Ethernet Emulation SEMC3017 (WDM);c:\windows\system32\DRIVERS\s3017unic.sys [2007-12-10 110120] R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2010-02-17 12872] R3 WMSvc;Webbehandlingstjeneste;c:\windows\system32\inetsrv\wmsvc.exe [2008-01-21 11264] S1 aswSP;avast! Self Protection; [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2010-02-17 12872] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2010-02-17 66632] S2 AdobeActiveFileMonitor7.0;Adobe Active File Monitor V7;c:\program files\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe [2008-09-16 169312] S2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2009-11-24 20560] S2 aswMonFlt;aswMonFlt;c:\windows\system32\DRIVERS\aswMonFlt.sys [2009-11-24 53328] S2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384] S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2009-04-16 75048] S2 dlba_device;dlba_device;c:\windows\system32\dlbacoms.exe [2007-03-05 538096] S2 dlbk_device;dlbk_device;c:\windows\system32\dlbkcoms.exe [2007-04-05 538096] S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-08-19 24576] S2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-25 45056] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-25 131072] S2 OKI OPHG DCS Loader;OKI OPHG DCS Loader;c:\windows\system32\spool\DRIVERS\W32X86\3\OPHGLDCS.EXE [2007-05-29 24576] S2 RS_Service;Raw Socket Service;c:\program files\Acer\Acer VCM\RS_Service.exe [2008-01-10 233472] S3 enecir;ENE CIR Receiver;c:\windows\system32\DRIVERS\enecir.sys [2008-04-29 54784] S3 JMCR;JMCR;c:\windows\system32\DRIVERS\jmcr.sys [2008-09-09 99216] S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-09-24 45600] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] bthsvcs REG_MULTI_SZ BthServ LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache rsmsvcs REG_MULTI_SZ ntmssvc ipripsvc REG_MULTI_SZ iprip . Innholdet i mappen 'Scheduled Tasks' (planlagte oppgaver) 2010-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-20 17:19] 2010-03-18 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-03-20 17:19] 2010-03-18 c:\windows\Tasks\User_Feed_Synchronization-{82ED8E8A-8B45-40BD-9137-412FD1EFA47A}.job - c:\windows\system32\msfeedssync.exe [2010-01-22 04:56] . . ------- Tilleggsskanning ------- . uStart Page = hxxp://www.tyssetrold.com IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Send bilde til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send side til &Bluetooth-enhet... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm Trusted Zone: buypass.no Trusted Zone: headit.no Trusted Zone: norsk-tipping.no . - - - - TOMME PEKERE FJERNET - - - - MSConfigStartUp-WinampAgent - c:\program files\Winamp\winampa.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-03-18 12:32 Windows 6.0.6002 Service Pack 2 NTFS skanner skjulte prosesser ... skanner skjulte autostart-oppføringer ... skanner skjulte filer ... skanning vellykket skjulte filer: 0 ************************************************************************** . --------------------- LÅSTE REGISTERNØKLER --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0006\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0007\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0008\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0009\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . --------------------- DLL'er Lastet Av Kjørende Prosesser --------------------- - - - - - - - > 'Explorer.exe'(3264) c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll c:\windows\system32\btncopy.dll . ------------------------ Andre Kjørende Prosesser ------------------------ . c:\windows\system32\nvvsvc.exe c:\windows\system32\WLANExt.exe c:\windows\system32\rundll32.exe c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe c:\program files\Intel\WiFi\bin\EvtEng.exe c:\windows\system32\inetsrv\inetinfo.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\acer\Mobility Center\MobilityService.exe c:\windows\system32\mqsvc.exe c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe c:\program files\Cyberlink\Shared files\RichVideo.exe c:\windows\System32\tcpsvcs.exe c:\windows\System32\snmp.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE c:\windows\system32\DRIVERS\xaudio.exe c:\windows\system32\mqtgsvc.exe c:\windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe c:\windows\system32\conime.exe c:\program files\Windows Media Player\wmpnetwk.exe . ************************************************************************** . Tidspunkt ferdig: 2010-03-18 12:39:14 - maskinen ble startet på nytt ComboFix-quarantined-files.txt 2010-03-18 11:39 Pre-Run: 89 261 023 232 byte ledig Post-Run: 89 791 688 704 byte ledig - - End Of File - - CB7690F95369962ED8486EF6BF7D8CF8