Not a valid Win32 application. Opening .exe files.
To whom it may concern. Apologies in advance - I'm having trouble finding the right category for my question. I hope I've got it roughly right.
I have a:
Acer Aspire 6930g
Intel(R) Core(TM)2 Duo CPU T6400 - 2.00 GHz
4 GB RAM
32-bit operating system
Vista Home Premium - Service Pack 2 installed (plus all Windows updates to date)
My computer started running sluggishly, so I decided to restore it to factory settings - something I do often.
Everything went fine. Windows started up and I began installing Avast, Java, etc. I did try something new this time, though. I've grown tired of all the User Account Control prompts and found out that you can avoid them by typing the following in CMD:
"net user administrator /active:yes"
That helped, but a couple of days later the computer started reporting this error, e.g. when I tried to open the installer for K-Lite Codec Pack.
C:\users\administrator\desktop\klcodec600f.exe er ikke et gyldigt Win32-program.
The same error also appears with other .exe files, but I don't know why?! Hence this thread.
I've read a bit online on various forums, and some suggest there are errors in the registry. I have no idea whether that's right, but if so I feel I should mention that the computer in its factory settings has 17 free games installed, which I uninstall once the restore has finished. Could something have gone wrong during the uninstallation here? At least now it's been mentioned.
As suggested in a thread on Eksperten, I have run CCleaner, Malwarebytes, ComboFix and HijackThis. I'm not sure where these should be uploaded so that you can see the logs - so I apologise in advance for spamming this post with the log files.
The order of the logs is:
Malware
Combofix
HijackThis
I hope someone can help.
Thanks in advance.
Malwarebytes - anti-malware log
Malwarebytes' Anti-Malware 1.46
www.malwarebytes.org
Database version: 4168
Windows 6.0.6002 Service Pack 2
Internet Explorer 8.0.6001.18904
04-06-2010 15:16:38
mbam-log-2010-06-04 (15-16-38).txt
Skanningstype: Fuldstændig skanning (C:\|D:\|E:\|)
Objekter skannet: 270282
Tid gået: 1 time(e), 21 minut(ter), 24 sekund(er)
Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 0
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 8
Inficerede Filer: 1
Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)
Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabasenøgler Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)
Inficerede Mapper:
C:\Program Files\Perfect Optimizer (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Application (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Registry (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Registry\FirstBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Registry\FullBackup (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Backup\Service (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
C:\Program Files\Perfect Optimizer\Temp (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
Inficerede Filer:
C:\Program Files\Perfect Optimizer\PerfectOptimizer.ini (Rogue.PerfectOptimzier) -> Quarantined and deleted successfully.
ComboFix log
ComboFix 10-06-03.01 - Administrator 05-06-2010 9:53.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.45.1030.18.3036.1827 [GMT 2:00]
Kører fra: c:\users\Administrator\Desktop\Computer oprydning\ComboFix.exe
Kommandoer benyttet :: c:\users\Administrator\Desktop\Computer oprydning\CFScript.txt
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.
((((((((((((((((((((((((((((( Filer skabt fra 2010-05-05 til 2010-06-05 )))))))))))))))))))))))))))))))))))
.
2010-06-05 07:59 . 2010-06-05 08:01 -------- d-----w- c:\users\Administrator\AppData\Local\temp
2010-06-05 07:59 . 2010-06-05 07:59 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-05 07:59 . 2010-06-05 07:59 -------- d-----w- c:\users\Christian\AppData\Local\temp
2010-06-04 11:54 . 2010-06-04 11:54 -------- d-----w- c:\users\Administrator\AppData\Roaming\Malwarebytes
2010-06-04 11:53 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-04 11:53 . 2010-06-04 11:53 -------- d-----w- c:\programdata\Malwarebytes
2010-06-04 11:53 . 2010-06-04 11:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-04 11:53 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-04 11:48 . 2010-06-04 11:48 -------- d-----w- c:\program files\CCleaner
2010-06-04 10:56 . 2008-07-18 22:23 768544 ----a-w- c:\windows\system32\nvcplui.exe
2010-06-04 10:56 . 2008-07-18 22:23 313888 ----a-w- c:\windows\system32\nvexpbar.dll
2010-06-04 10:56 . 2008-07-18 22:23 1079840 ----a-w- c:\windows\system32\nvcpluir.dll
2010-06-04 10:48 . 2008-07-18 22:23 96800 ----a-w- c:\windows\system32\nvhotkey.dll
2010-06-04 10:26 . 2010-06-04 10:26 -------- d-----w- c:\users\Administrator\AppData\Roaming\SystemRequirementsLab
2010-06-02 20:33 . 2010-06-02 20:33 -------- d-----w- c:\program files\Windows Portable Devices
2010-06-02 20:31 . 2009-09-10 02:00 92672 ----a-w- c:\windows\system32\UIAnimation.dll
2010-06-02 20:31 . 2009-09-10 02:01 3023360 ----a-w- c:\windows\system32\UIRibbon.dll
2010-06-02 20:31 . 2009-09-10 02:00 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2010-06-02 18:50 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-06-02 18:50 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-02 18:50 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-02 18:50 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll
2010-06-02 18:50 . 2009-08-24 11:36 377344 ----a-w- c:\windows\system32\winhttp.dll
2010-06-02 12:21 . 2010-06-02 12:21 -------- d-----w- c:\windows\system32\ca-ES
2010-06-02 12:21 . 2010-06-02 12:21 -------- d-----w- c:\windows\system32\eu-ES
2010-06-02 12:21 . 2010-06-02 12:21 -------- d-----w- c:\windows\system32\vi-VN
2010-06-02 12:10 . 2010-06-02 12:10 -------- d-----w- c:\windows\system32\EventProviders
2010-06-02 12:07 . 2010-06-02 12:07 -------- d-----w- c:\programdata\Office Genuine Advantage
2010-06-02 12:02 . 2010-06-02 12:02 -------- d-----w- c:\users\Public\Roaming
2010-06-02 12:02 . 2010-06-02 12:02 -------- d-----w- c:\users\Default\Roaming
2010-06-02 12:02 . 2010-06-02 12:02 -------- d-----w- c:\users\Christian\Roaming
2010-06-02 12:02 . 2010-06-02 12:02 -------- d-----w- c:\users\Administrator\Roaming
2010-06-02 12:02 . 2010-06-02 12:02 -------- d-----w- c:\users\Administrator\AppData\Roaming\Intel
2010-06-02 12:02 . 2010-06-02 12:02 -------- d-----w- c:\programdata\Roaming
2010-06-02 12:02 . 2010-06-02 12:02 -------- d-----w- c:\program files\Cisco
2010-06-02 12:02 . 2010-06-02 12:02 -------- d-----w- c:\programdata\Intel
2010-06-02 12:02 . 2010-06-02 12:02 -------- d-----w- c:\program files\Common Files\Intel
2010-06-02 11:58 . 2009-03-08 11:33 18944 ----a-w- c:\windows\system32\corpol.dll
2010-06-02 11:57 . 2009-06-15 14:52 499712 ----a-w- c:\windows\system32\kerberos.dll
2010-06-02 11:57 . 2009-06-15 14:53 270848 ----a-w- c:\windows\system32\schannel.dll
2010-06-02 06:25 . 2010-06-02 06:25 -------- d-----w- c:\users\Administrator\AppData\Roaming\VoddlerPlayer.22AA32E1C519F8FB77514A36DC6C2AE2C623240F.1
2010-06-02 05:36 . 2010-06-02 05:36 -------- d-----w- c:\program files\Common Files\Adobe AIR
2010-06-02 05:36 . 2010-06-05 08:01 -------- d-----w- C:\Voddler
2010-06-02 05:35 . 2010-06-02 05:36 -------- d-----w- c:\program files\Voddler
2010-06-01 16:23 . 2009-05-04 03:32 49904 ----a-r- c:\windows\system32\drivers\BVRPMPR5.SYS
2010-06-01 16:23 . 2010-06-01 16:41 -------- d-----w- C:\Netgear
2010-06-01 14:41 . 2009-04-11 06:28 3217408 ----a-w- c:\windows\system32\WinSAT.exe
2010-06-01 14:40 . 2009-04-11 06:28 83456 ----a-w- c:\windows\system32\wlgpclnt.dll
2010-06-01 14:39 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll
2010-06-01 14:39 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll
2010-06-01 14:39 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2010-06-01 14:37 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll
2010-06-01 14:24 . 2010-06-04 10:16 -------- dc----w- c:\windows\system32\DRVSTORE
2010-06-01 14:24 . 2010-06-01 14:24 95024 ----a-w- c:\windows\system32\drivers\SBREDrv.sys
2010-06-01 14:20 . 2010-06-04 10:16 -------- d-----w- c:\programdata\Lavasoft
2010-06-01 14:20 . 2010-06-04 10:16 -------- d-----w- c:\program files\Lavasoft
2010-06-01 13:48 . 2010-06-01 13:48 -------- d-----w- c:\users\Administrator\AppData\Roaming\Uniblue
2010-06-01 07:58 . 2010-06-01 07:58 56 ---ha-w- c:\windows\system32\ezsidmv.dat
2010-06-01 07:58 . 2010-06-05 07:49 -------- d-----w- c:\users\Administrator\AppData\Roaming\skypePM
2010-06-01 07:57 . 2010-06-05 08:01 -------- d-----w- c:\users\Administrator\AppData\Roaming\Skype
2010-06-01 07:57 . 2010-06-01 07:57 -------- d-----w- c:\program files\Common Files\Skype
2010-06-01 07:57 . 2010-06-01 07:57 -------- d-----r- c:\program files\Skype
2010-06-01 07:56 . 2010-06-01 07:57 -------- d-----w- c:\programdata\Skype
2010-05-31 19:16 . 2010-02-12 10:48 293376 ----a-w- c:\windows\system32\browserchoice.exe
2010-05-31 19:15 . 2010-05-31 19:15 -------- d-----w- c:\users\Default\AppData\Local\Microsoft Help
2010-05-31 19:01 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2010-05-31 19:00 . 2010-02-20 23:06 24064 ----a-w- c:\windows\system32\nshhttp.dll
2010-05-31 19:00 . 2010-02-20 20:53 411648 ----a-w- c:\windows\system32\drivers\http.sys
2010-05-31 19:00 . 2010-02-20 23:05 30720 ----a-w- c:\windows\system32\httpapi.dll
2010-05-31 15:32 . 2010-05-31 16:41 -------- d-----w- c:\program files\NVIDIA Corporation
2010-05-31 15:28 . 2010-06-04 10:52 1356 ----a-w- c:\users\Administrator\AppData\Local\d3d9caps.dat
2010-05-31 15:24 . 2010-03-17 00:01 56424 ----a-w- c:\windows\system32\OpenCL.dll
2010-05-31 15:24 . 2010-03-17 00:01 2647144 ----a-w- c:\windows\system32\nvcuvenc.dll
2010-05-31 15:24 . 2010-03-17 00:01 2009704 ----a-w- c:\windows\system32\nvcuvid.dll
2010-05-31 15:24 . 2010-03-17 00:01 4029544 ----a-w- c:\windows\system32\nvcuda.dll
2010-05-31 15:24 . 2010-03-17 00:01 11647592 ----a-w- c:\windows\system32\nvcompiler.dll
2010-05-31 15:24 . 2010-05-31 15:24 -------- d-----w- C:\NVIDIA
2010-05-31 15:21 . 2010-06-01 13:46 -------- d-----w- c:\users\Administrator\AppData\Roaming\Media Player Classic
2010-05-31 06:38 . 2009-10-19 13:38 156672 ----a-w- c:\windows\system32\t2embed.dll
2010-05-31 06:38 . 2009-10-19 13:35 72704 ----a-w- c:\windows\system32\fontsub.dll
2010-05-31 06:38 . 2009-06-15 14:52 23552 ----a-w- c:\windows\system32\lpk.dll
2010-05-31 06:38 . 2009-06-15 14:51 10240 ----a-w- c:\windows\system32\dciman32.dll
2010-05-31 06:38 . 2009-06-15 12:42 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-05-31 06:38 . 2009-04-11 06:28 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-05-31 06:36 . 2009-07-17 13:54 71680 ----a-w- c:\windows\system32\atl.dll
2010-05-31 06:36 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-05-31 06:36 . 2009-06-10 11:42 160256 ----a-w- c:\windows\system32\wkssvc.dll
2010-05-31 06:36 . 2009-06-04 12:07 2066432 ----a-w- c:\windows\system32\mstscax.dll
2010-05-31 06:36 . 2009-04-11 06:28 53248 ----a-w- c:\windows\system32\tsgqec.dll
2010-05-31 06:36 . 2009-04-11 06:28 136192 ----a-w- c:\windows\system32\aaclient.dll
2010-05-31 06:35 . 2009-04-23 12:14 623616 ----a-w- c:\windows\system32\localspl.dll
2010-05-31 06:33 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys
2010-05-31 06:33 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll
2010-05-31 06:33 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys
2010-05-31 06:33 . 2009-12-08 17:26 30720 ----a-w- c:\windows\system32\drivers\tcpipreg.sys
2010-05-31 06:32 . 2009-08-14 13:27 2036736 ----a-w- c:\windows\system32\win32k.sys
2010-05-31 06:32 . 2009-07-15 12:39 313344 ----a-w- c:\windows\system32\wmpdxm.dll
2010-05-31 06:31 . 2010-01-25 08:21 526336 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-05-31 06:31 . 2010-01-25 08:21 518144 ----a-w- c:\windows\system32\RMActivate.exe
2010-05-31 06:31 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc_isv.dll
2010-05-31 06:31 . 2010-01-25 12:00 471552 ----a-w- c:\windows\system32\secproc.dll
2010-05-31 06:31 . 2010-01-25 08:21 346624 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-05-31 06:31 . 2010-01-25 08:21 347136 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2010-05-31 06:31 . 2010-01-25 12:00 152576 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-05-31 06:31 . 2010-01-25 12:00 152064 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-05-31 06:31 . 2010-01-25 11:58 332288 ----a-w- c:\windows\system32\msdrm.dll
2010-05-31 06:30 . 2009-09-04 11:41 60928 ----a-w- c:\windows\system32\msasn1.dll
2010-05-31 06:30 . 2009-04-23 12:15 784896 ----a-w- c:\windows\system32\rpcrt4.dll
2010-05-31 06:30 . 2009-09-14 09:29 144896 ----a-w- c:\windows\system32\drivers\srv2.sys
2010-05-31 06:30 . 2009-10-07 11:36 243712 ----a-w- c:\windows\system32\rastls.dll
2010-05-31 06:28 . 2010-05-21 12:14 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-30 19:11 . 2010-05-30 19:11 -------- d-----w- c:\windows\Sun
2010-05-30 19:11 . 2010-03-15 09:31 165376 ----a-w- c:\windows\system32\unrar.dll
2010-05-30 19:10 . 2010-05-30 19:10 -------- d-----w- c:\program files\Common Files\Java
2010-05-30 19:10 . 2010-05-30 19:10 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-30 19:09 . 2010-05-30 19:09 -------- d-----w- c:\program files\Java
2010-05-30 05:11 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll
2010-05-30 05:11 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll
2010-05-29 21:31 . 2010-05-29 21:31 -------- d-----w- c:\program files\SystemRequirementsLab
2010-05-29 19:55 . 2010-05-29 19:55 -------- d-----w- c:\program files\Microsoft
2010-05-29 19:44 . 2010-06-05 08:01 -------- d-----w- c:\users\Administrator\Tracing
2010-05-29 19:43 . 2010-06-03 11:59 -------- d-----w- c:\program files\PKR
2010-05-29 19:43 . 2010-05-29 19:43 0 ----a-w- c:\windows\nsreg.dat
2010-05-29 19:43 . 2010-05-29 19:43 -------- d-----w- c:\users\Administrator\AppData\Local\Mozilla
2010-05-29 19:39 . 2010-05-06 20:39 164048 ----a-w- c:\windows\system32\drivers\aswSP.sys
.
(((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-04 22:47 . 2008-01-21 05:51 77202 ----a-w- c:\windows\system32\perfc006.dat
2010-06-04 22:47 . 2008-01-21 05:51 463344 ----a-w- c:\windows\system32\perfh006.dat
2010-06-04 11:01 . 2010-06-04 10:59 28599 ----a-w- c:\programdata\nvModes.dat
2010-06-04 10:26 . 2010-06-04 10:26 290816 ----a-w- c:\users\Administrator\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_4.dll
2010-06-04 10:26 . 2010-06-04 10:26 290816 ----a-w- c:\users\Administrator\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_3.dll
2010-06-04 10:26 . 2010-06-04 10:26 290816 ----a-w- c:\users\Administrator\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_2.dll
2010-06-04 10:26 . 2010-06-04 10:26 290816 ----a-w- c:\users\Administrator\AppData\Roaming\SystemRequirementsLab\SRLProxy_nvd_1.dll
2010-06-02 20:33 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2010-06-02 12:21 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-06-02 12:21 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-06-02 12:21 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-06-02 12:21 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-06-02 12:21 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-02 12:21 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-06-02 12:21 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-06-02 12:02 . 2009-01-17 14:01 -------- d-----w- c:\program files\Intel
2010-06-02 05:36 . 2010-06-02 06:25 38784 ----a-w- c:\users\Administrator\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-06-02 05:36 . 2010-06-02 05:36 38784 ----a-w- c:\users\Default\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe
2010-05-31 19:34 . 2009-01-17 14:18 -------- d-----w- c:\programdata\Microsoft Help
2010-05-31 19:15 . 2009-01-17 14:19 -------- d-----w- c:\program files\Microsoft Works
2010-05-30 05:03 . 2009-01-17 14:30 -------- d-----w- c:\program files\Google
2010-05-29 19:55 . 2009-01-17 14:40 -------- d-----w- c:\program files\Windows Live
2010-05-29 19:48 . 2010-05-29 19:48 71280 ----a-w- c:\users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-29 19:47 . 2009-01-17 14:29 -------- d-----w- c:\program files\Acer
2010-05-29 19:44 . 2010-05-29 19:44 -------- d-sh--we c:\programdata\Skrivebord
2010-05-29 19:44 . 2010-05-29 19:44 -------- d-sh--we c:\programdata\Skabeloner
2010-05-29 19:44 . 2010-05-29 19:44 -------- d-sh--we c:\programdata\Menuen Start
2010-05-29 19:44 . 2010-05-29 19:44 -------- d-sh--we c:\programdata\Favoritter
2010-05-29 19:44 . 2010-05-29 19:44 -------- d-sh--we c:\programdata\Dokumenter
2010-05-29 19:44 . 2010-05-29 19:44 -------- d-sh--we c:\program files\Fælles filer
2010-05-29 19:36 . 2009-01-17 14:42 -------- d-----w- c:\program files\McAfee
2010-05-29 19:36 . 2009-01-17 14:42 -------- d-----w- c:\programdata\McAfee
2010-05-29 19:31 . 2009-01-17 14:04 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-05-29 19:31 . 2009-01-17 15:06 -------- d-----w- c:\program files\eSobi
2010-05-29 19:29 . 2009-01-17 14:47 -------- d-----w- c:\program files\Acer GameZone
2010-05-29 19:14 . 2010-05-29 19:46 680 ----a-w- c:\users\Christian\AppData\Local\d3d9caps.dat
2010-05-29 19:11 . 2010-05-29 19:11 36864 ----a-w- c:\programdata\Temp\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\PostBuild.exe
2010-05-29 19:10 . 2010-05-29 19:11 53319 ----a-w- c:\programdata\Temp\{5DB1DF0C-AABC-4362-8A6D-CEFDFB036E41}\PostBuild.exe
2010-05-29 18:55 . 2010-05-29 18:55 0 ---ha-w- c:\windows\system32\drivers\Msft_Kernel_SynTP_01000.Wdf
2010-05-29 18:54 . 2010-05-29 18:54 -------- d-----w- c:\users\Christian\AppData\Roaming\InstallShield
2010-04-16 20:12 . 2010-04-16 20:12 48464 ----a-w- c:\windows\system32\sirenacm.dll
2010-03-16 18:46 . 2010-03-16 18:46 66664 ----a-w- c:\windows\system32\nvshext.dll
2010-03-12 09:26 . 2010-05-29 19:49 600680 ----a-w- c:\windows\system32\NVUNINST.EXE
.
((((((((((((((((((((((((((((((((((( Start steder i reg.basen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Bemærk* tomme linier & lovlige standard linier vises ikke
REGEDIT4
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-07-29 16:52 121392 ----a-w- c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="c:\program files\Acer\WR_PopUp\ProductReg.exe" [2008-11-17 135168]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2010-04-16 3872080]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2010-05-13 26192168]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-21 1008184]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2008-07-20 182808]
"RtHDVCpl"="RtHDVCpl.exe" [2008-09-18 6294048]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-11-28 417792]
"eAudio"="c:\program files\Acer\Empowering Technology\eAudio\eAudio.exe" [2008-09-11 544768]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-07-29 526896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"PLFSetI"="c:\windows\PLFSetI.exe" [2007-10-23 200704]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"LManager"="c:\progra~1\LAUNCH~1\QtZgAcer.EXE" [2008-06-04 817672]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-10-08 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-10-08 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-10-17 167936]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-05-06 2815192]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"VoddlerNet Manager"="c:\program files\Voddler\service\VNetManager.exe" [2010-05-19 579784]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-18 13543968]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-18 92704]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):79,04,6a,7e,4f,02,cb,01
R3 netr28;Ralink 802.11n Wireless Driver for Windows Vista;c:\windows\system32\DRIVERS\netr28.sys [2008-03-26 338432]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-09-23 50424]
S1 aswSP;aswSP; [x]
S2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};Power Control [2010/05/29 21:13];c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl [2008-10-17 12:49 87536]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-05-06 51792]
S2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-10-04 69632]
S2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-11-28 24576]
S2 IAANTMON;Intel(R) Matrix Storage Event Monitor;c:\program files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2008-07-20 354840]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-09-23 144632]
S2 VoddlerNet;VoddlerNet;c:\program files\Voddler\service\voddler.exe [2010-05-19 873680]
S3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit;c:\windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32v.sys [2008-06-25 44064]
S3 winbondcir;Winbond IR Transceiver;c:\windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Indhold af mappen 'Planlagte Opgaver'
.
.
------- Yderligere scanning -------
.
uStart Page = hxxp://www.studienet.viauc.dk/
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&s=2&o=vp32&d=0510&m=aspire_6930g
IE: E&ksporter til Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: {{898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
FF - ProfilePath - c:\users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\1znziq0q.default\
FF - prefs.js: browser.startup.homepage - www.google.dk
FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Voddler\plugin\npvoddler.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
---- FIREFOX POLITIKKER ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".dk");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
.
- - - - TOMME GENVEJE FJERNET - - - -
HKLM-Run-eRecoveryService - (no file)
SafeBoot-mcmscsvc
SafeBoot-MCODS
**************************************************************************
scanner skjulte processer ...
scanner skjulte autostarter ...
scanner skjulte filer ...
scanning gennemført med succes
skjulte filer:
**************************************************************************
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{49DE1C67-83F8-4102-99E0-C16DCC7EEC796}]
"ImagePath"="\??\c:\program files\Acer Arcade Deluxe\PlayMovie\000.fcl"
.
--------------------- LÅSTE REGISTRERINGS NØGLER ---------------------
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d5,07,14,a4,aa,72,f3,4a,9e,9c,53,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d5,07,14,a4,aa,72,f3,4a,9e,9c,53,\
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aif\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aifc\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.aiff\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AIFF"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.asx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.au\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.cda\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.CDA"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.m3u\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.M3U"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mid\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.midi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.MOD\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp2\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mp3\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MP3"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mpa\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MPEG"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.rmi\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.MIDI"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.snd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.AU"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wav\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAV"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wax\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WAX"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wm\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASF"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wma\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMA"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmd\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMD"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wms\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMS"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.ASX"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wmz\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WMZ"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wpl\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WPL"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.wvx\UserChoice]
@Denied: (2) (Administrator)
"Progid"="WMP11.AssocFile.WVX"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_USERS\S-1-5-21-1160117889-2683324452-314250917-500\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (Administrator)
"Progid"="FirefoxHTML"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs startet under kørende Processer ---------------------
- - - - - - - > 'Explorer.exe'(4864)
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\sysenv.dll
c:\windows\System32\SysHook.dll
.
------------------------ Andre kørende processer ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\Alwil Software\Avast5\AvastSvc.exe
c:\windows\system32\WLANExt.exe
c:\windows\system32\rundll32.exe
c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
c:\program files\Intel\WiFi\bin\EvtEng.exe
c:\acer\Mobility Center\MobilityService.exe
c:\program files\Common Files\Intel\WirelessCommon\RegSrvc.exe
c:\program files\Cyberlink\Shared files\RichVideo.exe
c:\windows\system32\DRIVERS\xaudio.exe
c:\windows\system32\conime.exe
c:\windows\RtHDVCpl.exe
c:\windows\system32\wbem\unsecapp.exe
c:\program files\Launch Manager\QtZgAcer.EXE
c:\program files\Alwil Software\Avast5\AvastUI.exe
c:\windows\System32\rundll32.exe
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\\?\c:\windows\system32\wbem\WMIADAP.EXE
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Gennemført tid: 2010-06-05 10:07:53 - maskinen blev genstartet
ComboFix-quarantined-files.txt 2010-06-05 08:07
Pre-Kørsel: 179.155.746.816 byte ledig
Post-Kørsel: 178.999.185.408 byte ledig
Current=1 Default=1 Failed=0 LastKnownGood=10 Sets=1,2,3,4,5,6,7,8,9,10
- - End Of File - - 400A2AA613D5FA1C2058CCE54A2566BE
HijackThis log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:10:49, on 05-06-2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18904)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Voddler\service\VNetManager.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Skype\Toolbars\Shared\SkypeNames2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.studienet.viauc.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=0406&s=2&o=vp32&d=0510&m=aspire_6930g
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [eAudio] "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [PLFSetI] C:\Windows\PLFSetI.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [VoddlerNet Manager] C:\Program Files\Voddler\service\VNetManager.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: McAfee Proxy Service (McProxy) - Unknown owner - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe (file missing)
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: VoddlerNet - Voddler - C:\Program Files\Voddler\service\voddler.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 8317 bytes