hunter-es- Beginner
22 January 2007 - 19:57
There are 14 comments and 2 solutions

Anyone willing to take a look at this HijackThis log?

My machine is so "tired" and slow... Maybe there is something here that is slowing it down??

Logfile of HijackThis v1.97.7
Scan saved at 19:54:03, on 22-01-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\apps\ABoard\AOSD.exe
C:\Programmer\Java\jre1.5.0_10\bin\jusched.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\Winamp\winampa.exe
C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Lexmark X1100 Series\lxbkbmon.exe
C:\Programmer\Messenger\MSMSGS.EXE
C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\AGKNOR~1\F1Driver.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Programmer\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Programmer\Registry Mechanic\RegMech.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Documents and Settings\Hunter\Skrivebord\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Microsoft Corp Updates] synet-ud.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\RunServices: [Microsoft Corp Updates] synet-ud.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [La_View Mouse] C:\PROGRA~1\AGKNOR~1\F1Driver.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RealPlayer] "C:\Programmer\Real\RealOne Player\realplay.exe" /RunUPGToolCommandReBoot
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Opslag (HKLM)
O9 - Extra button: Ladbrokes Poker (HKLM)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\dan.htm
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160770528187
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160772767734
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab
ejvindh Expert
22 January 2007 - 20:55 #1
At first glance there is nothing to see, but you have used an outdated version of HijackThis. Try this program instead:

Download OldTimer's WinPFind3 from here:
http://download.bleepingcomputer.com/oldtimer/winpfind3u.exe

Double-click the WinPFind3u file you downloaded and click Extract. The program is then unpacked into a separate folder. Go into that folder and double-click WinPFind3U.exe. Then set the check marks and radio buttons as follows:

Processes: Non-Microsoft
Win32 Services: Non-Microsoft
Driver Services: Non-Microsoft
Registry:  Non-Microsoft
Files Created Within: 30 Days, Non-Microsoft Only
Files Modified Within: 30 Days, Non-Microsoft Only
File String Search: Non-Microsoft

Then click "Run Scan". After a while a log file will appear, which you are welcome to paste in here. The log may be too long to fit in a single post. In that case you will have to post it in several parts.
faus Trainee
22 January 2007 - 21:11 #2
Okay. That was the one they linked to on spywarefri.dk.
Found this, which is being done right now:
http://www.symantec.com/security_response/writeup.jsp?docid=2007-011917-1403-99&tabid=3.
Afterwards I'll make a log with the other program.
faus Trainee
22 January 2007 - 21:26 #3
Oops. Forget that message. I'm making a mess of things. I replied in the wrong thread :( Sorry
ejvindh Expert
22 January 2007 - 21:34 #4
OK, but I am fairly sure that they have not linked to the HijackThis you used for a long time over at Spywarefri. I do support there too, you see ;-)
faus Trainee
22 January 2007 - 21:53 #5
I'll just take this over to my own thread. trojan.peacomm
hunter-es- Beginner
23 January 2007 - 05:30 #6
WinPFind3 logfile created on: 22-01-2007 21:02:30
WinPFind3U by OldTimer - Version 1.0.11    Folder = C:\Documents and Settings\Hunter\Skrivebord\WinPFind\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

1048048 Kb Total Physical Memory | 543844 Kb Available Physical Memory | 51,89% Memory free
1131088 Kb Paging File | 607308 Kb Available in Paging File | 53,69% Paging File free
Paging file location(s): C:\pagefile.sys 180 360;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 32684208 Kb Total Space | 12038116 Kb Free Space | 36,83% Space Free
Drive D: | 40957684 Kb Total Space | 26569668 Kb Free Space | 64,87% Space Free
Drive E: | 62918540 Kb Total Space | 53877044 Kb Free Space | 85,63% Space Free
Drive F: | 37190472 Kb Total Space | 19132532 Kb Free Space | 51,44% Space Free


[Processes - Non-Microsoft Only]
aboard.exe -> %SystemDrive%\APPS\ABoard\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02-05-2003 10:31:50 | Attr =    ]
anydvd.exe -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. [Ver = 6.0.8.2 | Size = 497152 bytes | Modified Date = 21-10-2006 19:05:00 | Attr =    ]
aosd.exe -> %SystemDrive%\APPS\ABoard\AOSD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 69632 bytes | Modified Date = 02-05-2003 10:31:38 | Attr =    ]
atiptaxx.exe -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5046 | Size = 335872 bytes | Modified Date = 12-09-2003 20:10:00 | Attr =    ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 29-10-2006 09:00:14 | Attr =    ]
avgcc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 29-10-2006 09:00:16 | Attr =    ]
avgemc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.432 | Size = 323072 bytes | Modified Date = 06-12-2006 08:58:54 | Attr =    ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
bitlord.exe -> %ProgramFiles%\BitLord\BitLord.exe -> www.BitLord.com [Ver = 1.1. | Size = 2224128 bytes | Modified Date = 07-05-2005 01:47:10 | Attr =    ]
daemon.exe -> %ProgramFiles%\D-Tools\daemon.exe -> DAEMON'S HOME [Ver = 3.46.0.0 | Size = 81920 bytes | Modified Date = 12-03-2004 22:43:18 | Attr =    ]
f1driver.exe -> %ProgramFiles%\AGK Nordic XtremeIT F1\F1Driver.exe ->  [Ver = 2.3 | Size = 2981888 bytes | Modified Date = 24-09-2005 11:12:38 | Attr =    ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09-11-2006 15:07:30 | Attr =    ]
lexbces.exe -> %System32%\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 18-08-2003 15:37:10 | Attr =    ]
lexpps.exe -> %System32%\LEXPPS.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 174592 bytes | Modified Date = 18-08-2003 15:32:56 | Attr =    ]
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.31.1 | Size = 53248 bytes | Modified Date = 20-06-2005 22:10:30 | Attr =    ]
lxbkbmgr.exe -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmgr.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 19-08-2003 15:38:42 | Attr =    ]
lxbkbmon.exe -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmon.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 53248 bytes | Modified Date = 19-08-2003 16:00:40 | Attr =    ]
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.0 | Size = 77824 bytes | Modified Date = 13-10-2006 20:37:30 | Attr =    ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.1622 | Size = 151597 bytes | Modified Date = 13-10-2006 20:38:06 | Attr =    ]
regmech.exe -> %ProgramFiles%\Registry Mechanic\RegMech.exe -> PC Tools [Ver = 6.00.0750 | Size = 2287152 bytes | Modified Date = 30-10-2006 13:12:14 | Attr =    ]
winampa.exe -> %ProgramFiles%\Winamp\winampa.exe ->  [Ver =  | Size = 35328 bytes | Modified Date = 07-06-2006 17:12:04 | Attr =    ]
winpfind3u.exe -> %UserDesktop%\WinPFind\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.11.0 | Size = 306176 bytes | Modified Date = 18-01-2007 18:01:14 | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe ->  [Ver = 5.13.0013 | Size = 114688 bytes | Modified Date = 12-09-2003 20:10:00 | Attr =    ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 29-10-2006 09:00:14 | Attr =    ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.432 | Size = 323072 bytes | Modified Date = 06-12-2006 08:58:54 | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 26-08-2004 16:53:50 | Attr =    ]
(LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %System32%\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 18-08-2003 15:37:10 | Attr =    ]
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.31.1 | Size = 53248 bytes | Modified Date = 20-06-2005 22:10:30 | Attr =    ]

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] ->  -> File not found
(AliIde) AliIde [Kernel | Boot | Stopped] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17-08-2001 20:51:56 | Attr =    ]
(amdagp) Filterdriver til AMD AGP-bus [Kernel | Boot | Stopped] -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 03-08-2004 22:07:44 | Attr =    ]
(AnyDVD) AnyDVD [Kernel | On_Demand | Running] -> %System32%\drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.0.8.2 | Size = 20096 bytes | Modified Date = 20-10-2006 18:42:42 | Attr =    ]
(asc) asc [Kernel | Boot | Stopped] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17-08-2001 20:52:00 | Attr =    ]
(asc3550) asc3550 [Kernel | Boot | Stopped] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17-08-2001 20:51:58 | Attr =    ]
(atapi) Standard IDE/ESDI-harddiskcontroller [Kernel | Boot | Running] -> %System32%\drivers\atapi.sys ->  [Ver =  | Size = 95360 bytes | Modified Date = 03-08-2004 21:59:44 | Attr =    ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] ->  -> File not found
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %System32%\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6387 | Size = 611328 bytes | Modified Date = 12-09-2003 21:43:06 | Attr =    ]
(Avg7Core) AVG7 Kernel [Kernel | System | Running] -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 816672 bytes | Modified Date = 02-11-2006 08:58:40 | Attr =    ]
(Avg7RsW) AVG7 Wrap Driver [Kernel | System | Running] -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 29-10-2006 09:00:22 | Attr =    ]
(Avg7RsXP) AVG7 Resident Driver XP [Kernel | System | Running] -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7,1,0,398 | Size = 28416 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(AvgClean) AVG7 Clean Driver [Kernel | System | Running] -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(AvgTdi) AVG Network Redirector [Kernel | Auto | Running] -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(BootScreen) BootScreen [Kernel | Boot | Stopped] -> %System32%\drivers\vidstub.sys ->  [Ver =  | Size = 163712 bytes | Modified Date = 09-12-2006 07:34:26 | Attr =    ]
(Ca533av) MD Slimline, WDM Video Capture [Kernel | Auto | Stopped] -> System32\Drivers\Ca533av.sys -> File not found
(Changer) Changer [Kernel | System | Stopped] ->  -> File not found
(CmdIde) CmdIde [Kernel | Boot | Stopped] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 04-10-2001 15:34:58 | Attr =    ]
(d346bus) d346bus [Kernel | Boot | Running] -> %System32%\drivers\d346bus.sys ->  [Ver = 3.46.0.0 built by: WinDDK | Size = 156800 bytes | Modified Date = 12-03-2004 22:41:28 | Attr =    ]
(d346prt) d346prt [Kernel | Boot | Running] -> %System32%\drivers\d346prt.sys ->  [Ver = 3.46.0.0 built by: WinDDK | Size = 5248 bytes | Modified Date = 12-03-2004 22:41:42 | Attr =    ]
(dac2w2k) dac2w2k [Kernel | Boot | Stopped] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17-08-2001 20:52:16 | Attr =    ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800000 bytes | Modified Date = 26-08-2004 16:49:40 | Attr =    ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153600 bytes | Modified Date = 26-08-2004 16:49:40 | Attr =    ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
(ElbyCDIO) ElbyCDIO Driver [Kernel | Auto | Running] -> %System32%\drivers\ElbyCDIO.sys -> Elaborate Bytes AG [Ver = 6, 0, 0, 0 | Size = 8064 bytes | Modified Date = 22-04-2006 02:44:40 | Attr =    ]
(ElbyDelay) ElbyDelay [Kernel | On_Demand | Running] -> %System32%\drivers\ElbyDelay.sys -> Elaborate Bytes [Ver = 4, 3, 0, 0 | Size = 3840 bytes | Modified Date = 28-03-2003 16:25:52 | Attr =    ]
(es1371) Creative AudioPCI (ES1371,ES1373) (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\es1371mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 40704 bytes | Modified Date = 17-08-2001 19:19:34 | Attr =    ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] ->  -> File not found
(mraid35x) mraid35x [Kernel | Boot | Stopped] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17-08-2001 20:52:12 | Attr =    ]
(PCIDump) PCIDump [Kernel | System | Stopped] ->  -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] ->  -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(PQNTDrv) PQNTDrv [Kernel | System | Running] -> %System32%\drivers\PQNTDRV.sys -> PowerQuest Corporation [Ver = 8.00.000 | Size = 4228 bytes | Modified Date = 16-09-2002 16:14:32 | Attr =    ]
(Ptilink) Driver til direkte, parallel forbindelse [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.11B | Size = 46080 bytes | Modified Date = 16-05-2006 21:23:54 | Attr =    ]
(ql1080) ql1080 [Kernel | Boot | Stopped] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17-08-2001 20:52:20 | Attr =    ]
(ql12160) ql12160 [Kernel | Boot | Stopped] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17-08-2001 20:52:20 | Attr =    ]
(ql1280) ql1280 [Kernel | Boot | Stopped] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17-08-2001 20:52:18 | Attr =    ]
(rtl8139) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver [Kernel | On_Demand | Running] -> %System32%\drivers\R8139n51.sys -> Realtek Semiconductor Corporation [Ver = 5.504.613.2002 built by: WinDDK | Size = 45568 bytes | Modified Date = 13-06-2002 10:37:16 | Attr =    ]
(Secdrv) Secdrv [Kernel | Auto | Running] -> %System32%\drivers\secdrv.sys -> Macrovision Europe Ltd [Ver = 3.17.000 | Size = 12464 bytes | Modified Date = 15-10-2006 18:33:28 | Attr =    ]
(Simbad) Simbad [Kernel | Disabled | Stopped] ->  -> File not found
(sisagp) SiS AGP Filter [Kernel | Boot | Running] -> %System32%\drivers\SISAGPX.SYS -> Silicon Integrated Systems Corporation [Ver = 7.2.0.1160 built by: WinDDK | Size = 36608 bytes | Modified Date = 20-02-2003 08:18:36 | Attr =    ]
(Sparrow) Sparrow [Kernel | Boot | Stopped] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17-08-2001 21:07:44 | Attr =    ]
(STAC97NA) SigmaTel 3D Environmental Audio [Kernel | On_Demand | Running] -> %System32%\drivers\stac97na.sys -> SigmaTel Inc. [Ver = 6.13.10.9010 | Size = 296179 bytes | Modified Date = 20-09-2002 17:42:32 | Attr =    ]
(STAC97NH) STAC97NH [Kernel | On_Demand | Running] -> %System32%\drivers\stac97nh.sys -> SigmaTel Inc. [Ver = 6.13.10.9010 | Size = 231983 bytes | Modified Date = 20-09-2002 17:43:18 | Attr =    ]
(symc810) symc810 [Kernel | Boot | Stopped] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17-08-2001 21:07:34 | Attr =    ]
(symc8xx) symc8xx [Kernel | Boot | Stopped] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17-08-2001 21:07:36 | Attr =    ]
(sym_hi) sym_hi [Kernel | Boot | Stopped] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17-08-2001 21:07:40 | Attr =    ]
(sym_u3) sym_u3 [Kernel | Boot | Stopped] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17-08-2001 21:07:42 | Attr =    ]
(ultra) ultra [Kernel | Boot | Stopped] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver =  1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 17-08-2001 20:52:22 | Attr =    ]
(usbbus) LGE Mobile Composite USB Device [Kernel | On_Demand | Stopped] -> system32\DRIVERS\lgusbbus.sys -> File not found
(USBCamera) DSC Still Image Capture (CA100) [Kernel | On_Demand | Stopped] -> System32\Drivers\Bulk533.sys -> File not found
(USBModem) LGE Mobile USB Modem [Kernel | On_Demand | Stopped] -> system32\DRIVERS\lgusbmodem.sys -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] ->  -> File not found
(xmasbus) xmasbus [Kernel | Boot | Running] -> %System32%\drivers\xmasbus.sys ->  [Ver = 3.44.0.0 built by: WinDDK | Size = 140800 bytes | Modified Date = 21-12-2003 16:24:22 | Attr =    ]
(xmasscsi) xmasscsi [Kernel | Boot | Running] -> %System32%\drivers\xmasscsi.sys ->  [Ver = 3.44.0.0 built by: WinDDK | Size = 5504 bytes | Modified Date = 20-12-2003 19:03:42 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ACTIVBOARD -> %SystemDrive%\APPS\ABoard\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02-05-2003 10:31:50 | Attr =    ]
ATIModeChange -> %System32%\Ati2mdxx.exe -> ATI Technologies, Inc. [Ver = 4.13.3 | Size = 28672 bytes | Modified Date = 04-09-2001 15:24:26 | Attr =    ]
ATIPTA -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5046 | Size = 335872 bytes | Modified Date = 12-09-2003 20:10:00 | Attr =    ]
AVG7_CC -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 29-10-2006 09:00:16 | Attr =    ]
BootSkin Startup Jobs -> %ProgramFiles%\Stardock\WinCustomize\BootSkin\BootSkin.exe ->  [Ver = 1, 0, 6, 0 | Size = 270336 bytes | Modified Date = 26-04-2004 16:21:00 | Attr =    ]
DAEMON Tools-1033 -> %ProgramFiles%\D-Tools\daemon.exe -> DAEMON'S HOME [Ver = 3.46.0.0 | Size = 81920 bytes | Modified Date = 12-03-2004 22:43:18 | Attr =    ]
Lexmark X1100 Series -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmgr.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 19-08-2003 15:38:42 | Attr =    ]
Microsoft Corp Updates -> synet-ud.exe -> File not found
NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09-07-2001 10:50:42 | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.0 | Size = 77824 bytes | Modified Date = 13-10-2006 20:37:30 | Attr =    ]
RegistryMechanic ->  -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09-11-2006 15:07:30 | Attr =    ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.1622 | Size = 151597 bytes | Modified Date = 13-10-2006 20:38:06 | Attr =    ]
WinampAgent -> %ProgramFiles%\Winamp\winampa.exe ->  [Ver =  | Size = 35328 bytes | Modified Date = 07-06-2006 17:12:04 | Attr =    ]
< RunServices [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
Microsoft Corp Updates -> synet-ud.exe -> File not found
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AnyDVD -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. [Ver = 6.0.8.2 | Size = 497152 bytes | Modified Date = 21-10-2006 19:05:00 | Attr =    ]
La_View Mouse -> %ProgramFiles%\AGK Nordic XtremeIT F1\F1Driver.exe ->  [Ver = 2.3 | Size = 2981888 bytes | Modified Date = 24-09-2005 11:12:38 | Attr =    ]
RealPlayer -> %ProgramFiles%\Real\RealOne Player\realplay.exe -> RealNetworks, Inc. [Ver = 6.0.11.853 | Size = 1003520 bytes | Modified Date = 22-01-2007 19:42:24 | Attr =    ]
< Common Startup > -> C:\Documents and Settings\All Users\Menuen Start\Programmer\Start
%AllUsersStartup%\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 110592 bytes | Modified Date = 19-04-2002 21:30:04 | Attr =    ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL ->  -> File not found
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = Min aktuelle startside ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://home.microsoft.com/search/lobby/search.asp ->
HKCU: Search Page -> http://home.microsoft.com/access/allinone.asp ->
HKCU: Start Page -> http://www.google.dk/ ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] ->  ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %SystemDrive%\APPS\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] ->  [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 16-04-2001 17:06:52 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09-11-2006 15:21:52 | Attr =    ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8196 - Sun Java Console ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8193 - Reg Data - Value does not exist ->
{C2A80015-C447-4dc4-82DD-AED83D6ED57E} -> 8195 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Windows Messenger ->
NextId -> 8197 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\npjpi150_10.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 09-11-2006 15:21:54 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09-11-2006 15:21:52 | Attr =    ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Opslag] -> File not found
{C2A80015-C447-4dc4-82DD-AED83D6ED57E} -> %ProgramFiles%\ladbrokesMPP\MPPoker.exe [ButtonText: Ladbrokes Poker] -> Microgaming [Ver = 2, 34, 0, 8 | Size = 49246 bytes | Modified Date = 21-01-2007 21:25:46 | Attr =    ]
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&ksporter til Microsoft Excel ->  -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Proceslinje og menuen Start] -> File not found
{32020A01-506E-484D-A2A8-BE3CF17601C3} [HKLM] -> %ProgramFiles%\Alcohol Soft\Alcohol 120\AXShlEx.dll [AlcoholShellEx] -> Alcohol Soft Development Team [Ver = 1.4.7.1024 | Size = 387584 bytes | Modified Date = 22-12-2003 16:51:40 | Attr =    ]
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Kontrolpanel-udvidelse til skærmpanorering] -> File not found
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Grænsefladeudvidelser til filkomprimering] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Brugerkonti] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Kontekstmenu til kryptering] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal-ikon] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Find Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealOne Player\rpshellext.dll [Shell Extensions for RealOne Player] -> RealNetworks [Ver = 1.0.0.447 | Size = 45105 bytes | Modified Date = 13-10-2006 20:38:08 | Attr =    ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{0E7508AA-BE28-42C2-A26A-DE95AC6A9B3F} ->    () ->
{4CBDA344-F8C1-4894-921A-8157B71BEA22} ->    (1394-netværkskort) ->
{8BE2DF3B-94E0-4118-8C61-B229AB85F4BA} ->    (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160770528187 ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160772767734 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab ->
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} ->  - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ->
{D8089245-3211-40F6-819B-9E5E92CD61A2} -> FlashXControl Object - CodeBase = https://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab ->
DirectAnimation Java Classes ->  - CodeBase = file://C:\WINDOWS\Java\classes\dajava.cab ->
Microsoft XML Parser for Java ->  - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


[Files - Created Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1073270784 bytes | Created Date = 02-01-1601 23:00:00 | Attr =  HS]
vpd.properties -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.properties ->  [Ver =  | Size = 358 bytes | Created Date = 07-01-2007 22:55:00 | Attr =    ]
vpd.script -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.script ->  [Ver =  | Size = 8721 bytes | Created Date = 07-01-2007 22:55:00 | Attr =    ]
engine.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\engine.jar ->  [Ver =  | Size = 2719141 bytes | Created Date = 07-01-2007 23:00:11 | Attr =    ]
macosxppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\macosxppk.jar ->  [Ver =  | Size = 202294 bytes | Created Date = 07-01-2007 23:00:12 | Attr =    ]
windowsppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\windowsppk.jar ->  [Ver =  | Size = 1546107 bytes | Created Date = 07-01-2007 23:00:13 | Attr =    ]
hsqldb.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\library\hsqldb.jar ->  [Ver =  | Size = 258921 bytes | Created Date = 07-01-2007 23:00:12 | Attr =    ]
cdplayer.ini -> %SystemRoot%\cdplayer.ini ->  [Ver =  | Size = 462 bytes | Created Date = 24-12-2006 14:41:13 | Attr =    ]
PowerReg.dat -> %SystemRoot%\PowerReg.dat ->  [Ver =  | Size = 0 bytes | Created Date = 06-01-2007 10:45:20 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 19-01-2007 23:45:08 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 19-01-2007 23:45:08 | Attr =  H ]
CmdLineExt.dll -> %System32%\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,0,201,0 | Size = 98304 bytes | Created Date = 07-01-2007 23:01:23 | Attr =    ]
eSellerateControl350.dll -> %System32%\eSellerateControl350.dll -> eSellerate Inc. [Ver = 3.5.0.0 | Size = 81920 bytes | Created Date = 22-01-2007 20:46:03 | Attr =    ]
esellerateEngine.dll -> %System32%\esellerateEngine.dll -> eSellerate Inc. [Ver = 3.5.6.0 | Size = 352256 bytes | Created Date = 22-01-2007 20:46:03 | Attr =    ]
rmocx.dll -> %System32%\rmocx.dll -> RealNetworks [Ver = 6.0.8.1839 | Size = 147495 bytes | Created Date = 22-01-2007 19:42:23 | Attr =    ]

[Files - Modified Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1073270784 bytes | Modified Date = 22-01-2007 19:10:14 | Attr =  HS]
AdobeFnt.lst -> %CommonProgramFiles%\Adobe\TypeSpt\AdobeFnt.lst ->  [Ver =  | Size = 92581 bytes | Modified Date = 20-01-2007 14:59:24 | Attr =    ]
vpd.properties -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.properties ->  [Ver =  | Size = 358 bytes | Modified Date = 07-01-2007 23:00:16 | Attr =    ]
vpd.script -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.script ->  [Ver =  | Size = 8721 bytes | Modified Date = 07-01-2007 23:00:16 | Attr =    ]
engine.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\engine.jar ->  [Ver =  | Size = 2719141 bytes | Modified Date = 07-01-2007 23:00:14 | Attr =    ]
macosxppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\macosxppk.jar ->  [Ver =  | Size = 202294 bytes | Modified Date = 07-01-2007 23:00:14 | Attr =    ]
windowsppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\windowsppk.jar ->  [Ver =  | Size = 1546107 bytes | Modified Date = 07-01-2007 23:00:16 | Attr =    ]
hsqldb.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\library\hsqldb.jar ->  [Ver =  | Size = 258921 bytes | Modified Date = 07-01-2007 23:00:14 | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 22-01-2007 19:10:20 | Attr =  S]
cdplayer.ini -> %SystemRoot%\cdplayer.ini ->  [Ver =  | Size = 462 bytes | Modified Date = 24-12-2006 14:41:30 | Attr =    ]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Modified Date = 18-01-2007 05:40:16 | Attr =    ]
lexstat.ini -> %SystemRoot%\lexstat.ini ->  [Ver =  | Size = 228 bytes | Modified Date = 24-12-2006 21:56:54 | Attr =    ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 69 bytes | Modified Date = 21-01-2007 21:10:16 | Attr =    ]
PowerReg.dat -> %SystemRoot%\PowerReg.dat ->  [Ver =  | Size = 0 bytes | Modified Date = 06-01-2007 10:45:22 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 22-01-2007 19:40:10 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 22-01-2007 19:40:10 | Attr =  H ]
smdat32m.sys -> %SystemRoot%\smdat32m.sys ->  [Ver =  | Size = 10 bytes | Modified Date = 11-01-2007 18:17:40 | Attr =    ]
CmdLineExt.dll -> %System32%\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,0,201,0 | Size = 98304 bytes | Modified Date = 07-01-2007 23:01:24 | Attr =    ]
d3d9caps.dat -> %System32%\d3d9caps.dat ->  [Ver =  | Size = 3580 bytes | Modified Date = 21-01-2007 10:21:14 | Attr =    ]
rmoc3260.dll -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2102 | Size = 24576 bytes | Modified Date = 22-01-2007 19:42:24 | Attr =    ]
rmocx.dll -> %System32%\rmocx.dll -> RealNetworks [Ver = 6.0.8.1839 | Size = 147495 bytes | Modified Date = 22-01-2007 19:42:24 | Attr =    ]
wpa.dbl -> %System32%\wpa.dbl ->  [Ver =  | Size = 1170 bytes | Modified Date = 22-01-2007 19:11:30 | Attr =    ]

[File String Scan - Non-Microsoft Only]
Thawte Consulting ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip ->  [Ver =  | Size = 3290841 bytes | Modified Date = 02-03-2006 16:18:34 | Attr =    ]
USERTRUST ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 12-10-2006 03:41:58 | Attr =    ]
USERTRUST ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4650616 bytes | Modified Date = 09-11-2006 15:38:38 | Attr =    ]
UPX! ,  -> %CommonProgramFiles%\Microsoft Shared\Web Components\11\1030\OWCFUN11.CHM ->  [Ver =  | Size = 599630 bytes | Modified Date = 18-08-2003 14:46:24 | Attr =    ]
PTech ,  -> %CommonProgramFiles%\Microsoft Shared\Works Shared\1030\WkCalLng.dll -> Microsoft® Corporation [Ver = 7.02.0620.0 | Size = 196608 bytes | Modified Date = 28-08-2002 11:21:42 | Attr =    ]
UPX! , UPX0 ,  -> %SystemRoot%\daemon.dll ->  [Ver = 3.46.0.0 | Size = 69120 bytes | Modified Date = 15-03-2004 19:28:50 | Attr =    ]
PEC2 ,  -> %System32%\dfrg.msc ->  [Ver =  | Size = 41123 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
winsync ,  -> %System32%\wbdbase.deu ->  [Ver =  | Size = 1309184 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
UPX! , FSG! , PEC2 , aspack ,  -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 816672 bytes | Modified Date = 02-11-2006 08:58:40 | Attr =    ]
PTech ,  -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 03-08-2004 21:41:38 | Attr =    ]

< End of report >
hunter-es- Beginner
23 January 2007 - 05:31 #7
That was one d*** long screed... ejvindh, how can you guys read anything out of it?
ejvindh Expert
23 January 2007 - 09:42 #8
We have some tools that convert the log into more understandable text ;-)

There was a little bit in the winpfind3 log that you should fix:

-- Go to Control Panel, Add/Remove Programs, and see whether you are allowed to uninstall the following programs:
Bitlord (is adware-based)

-- Run WinPFind3U from the WinPFind3U folder again. Copy the content between the wavy lines into the white field on the right (right-click the field and choose "sæt ind"/"paste"):

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Kill Explorer]
[Registry - Non-Microsoft Only]
< RunServices [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
YN -> Microsoft Corp Updates -> synet-ud.exe
[Files - Modified Within 30 days]
NY -> smdat32m.sys -> %SystemRoot%\smdat32m.sys
[Start Explorer]
[Reboot]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

-- Then click "Run Fix" and follow the instructions that are given. Your computer will now restart. After the restart, run WinPFindU.exe again, click "Scan" and post a fresh log here. In the folder where you installed WinPFindU there is a log whose name consists of a lot of numbers - you should copy that in here too. For now you do not need to post a new log from Winpfind3u here.

-- If that does not help with the speed, then just try (as a test) uninstalling Alcohol and Daemon tools.
hunter-es- Beginner
23 January 2007 - 19:57 #9
WinPFind3 logfile created on: 23-01-2007 18:05:20
WinPFind3U by OldTimer - Version 1.0.11    Folder = C:\Documents and Settings\Hunter\Skrivebord\WinPFind\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

1048048 Kb Total Physical Memory | 636796 Kb Available Physical Memory | 60,76% Memory free
1131088 Kb Paging File | 784628 Kb Available in Paging File | 69,37% Paging File free
Paging file location(s): C:\pagefile.sys 180 360;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 32684208 Kb Total Space | 12028780 Kb Free Space | 36,80% Space Free
Drive D: | 40957684 Kb Total Space | 26569672 Kb Free Space | 64,87% Space Free
Drive E: | 62918540 Kb Total Space | 53877056 Kb Free Space | 85,63% Space Free
Drive F: | 37190472 Kb Total Space | 19132544 Kb Free Space | 51,44% Space Free


[Processes - Non-Microsoft Only]
aboard.exe -> %SystemDrive%\APPS\ABoard\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02-05-2003 10:31:50 | Attr =    ]
anydvd.exe -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. [Ver = 6.0.8.2 | Size = 497152 bytes | Modified Date = 21-10-2006 19:05:00 | Attr =    ]
aosd.exe -> %SystemDrive%\APPS\ABoard\AOSD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 69632 bytes | Modified Date = 02-05-2003 10:31:38 | Attr =    ]
atiptaxx.exe -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5046 | Size = 335872 bytes | Modified Date = 12-09-2003 20:10:00 | Attr =    ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 29-10-2006 09:00:14 | Attr =    ]
avgcc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 29-10-2006 09:00:16 | Attr =    ]
avgemc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.432 | Size = 323072 bytes | Modified Date = 06-12-2006 08:58:54 | Attr =    ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
f1driver.exe -> %ProgramFiles%\AGK Nordic XtremeIT F1\F1Driver.exe ->  [Ver = 2.3 | Size = 2981888 bytes | Modified Date = 24-09-2005 11:12:38 | Attr =    ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09-11-2006 15:07:30 | Attr =    ]
lexbces.exe -> %System32%\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 18-08-2003 15:37:10 | Attr =    ]
lexpps.exe -> %System32%\LEXPPS.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 174592 bytes | Modified Date = 18-08-2003 15:32:56 | Attr =    ]
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.31.1 | Size = 53248 bytes | Modified Date = 20-06-2005 22:10:30 | Attr =    ]
lxbkbmgr.exe -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmgr.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 19-08-2003 15:38:42 | Attr =    ]
lxbkbmon.exe -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmon.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 53248 bytes | Modified Date = 19-08-2003 16:00:40 | Attr =    ]
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.0 | Size = 77824 bytes | Modified Date = 13-10-2006 20:37:30 | Attr =    ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.1622 | Size = 151597 bytes | Modified Date = 13-10-2006 20:38:06 | Attr =    ]
winampa.exe -> %ProgramFiles%\Winamp\winampa.exe ->  [Ver =  | Size = 35328 bytes | Modified Date = 07-06-2006 17:12:04 | Attr =    ]
winpfind3u.exe -> %UserDesktop%\WinPFind\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.11.0 | Size = 306176 bytes | Modified Date = 18-01-2007 18:01:14 | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe ->  [Ver = 5.13.0013 | Size = 114688 bytes | Modified Date = 12-09-2003 20:10:00 | Attr =    ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 29-10-2006 09:00:14 | Attr =    ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.432 | Size = 323072 bytes | Modified Date = 06-12-2006 08:58:54 | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 26-08-2004 16:53:50 | Attr =    ]
(LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %System32%\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 18-08-2003 15:37:10 | Attr =    ]
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.31.1 | Size = 53248 bytes | Modified Date = 20-06-2005 22:10:30 | Attr =    ]

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] ->  -> File not found
(AliIde) AliIde [Kernel | Boot | Stopped] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17-08-2001 20:51:56 | Attr =    ]
(amdagp) Filterdriver til AMD AGP-bus [Kernel | Boot | Stopped] -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 03-08-2004 22:07:44 | Attr =    ]
(AnyDVD) AnyDVD [Kernel | On_Demand | Running] -> %System32%\drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.0.8.2 | Size = 20096 bytes | Modified Date = 20-10-2006 18:42:42 | Attr =    ]
(asc) asc [Kernel | Boot | Stopped] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17-08-2001 20:52:00 | Attr =    ]
(asc3550) asc3550 [Kernel | Boot | Stopped] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17-08-2001 20:51:58 | Attr =    ]
(atapi) Standard IDE/ESDI-harddiskcontroller [Kernel | Boot | Running] -> %System32%\drivers\atapi.sys ->  [Ver =  | Size = 95360 bytes | Modified Date = 03-08-2004 21:59:44 | Attr =    ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] ->  -> File not found
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %System32%\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6387 | Size = 611328 bytes | Modified Date = 12-09-2003 21:43:06 | Attr =    ]
(Avg7Core) AVG7 Kernel [Kernel | System | Running] -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 816672 bytes | Modified Date = 02-11-2006 08:58:40 | Attr =    ]
(Avg7RsW) AVG7 Wrap Driver [Kernel | System | Running] -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 29-10-2006 09:00:22 | Attr =    ]
(Avg7RsXP) AVG7 Resident Driver XP [Kernel | System | Running] -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7,1,0,398 | Size = 28416 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(AvgClean) AVG7 Clean Driver [Kernel | System | Running] -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(AvgTdi) AVG Network Redirector [Kernel | Auto | Running] -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(BootScreen) BootScreen [Kernel | Boot | Stopped] -> %System32%\drivers\vidstub.sys ->  [Ver =  | Size = 163712 bytes | Modified Date = 09-12-2006 07:34:26 | Attr =    ]
(Ca533av) MD Slimline, WDM Video Capture [Kernel | Auto | Stopped] -> System32\Drivers\Ca533av.sys -> File not found
(Changer) Changer [Kernel | System | Stopped] ->  -> File not found
(CmdIde) CmdIde [Kernel | Boot | Stopped] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 04-10-2001 15:34:58 | Attr =    ]
(d346bus) d346bus [Kernel | Boot | Running] -> %System32%\drivers\d346bus.sys ->  [Ver = 3.46.0.0 built by: WinDDK | Size = 156800 bytes | Modified Date = 12-03-2004 22:41:28 | Attr =    ]
(d346prt) d346prt [Kernel | Boot | Running] -> %System32%\drivers\d346prt.sys ->  [Ver = 3.46.0.0 built by: WinDDK | Size = 5248 bytes | Modified Date = 12-03-2004 22:41:42 | Attr =    ]
(dac2w2k) dac2w2k [Kernel | Boot | Stopped] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17-08-2001 20:52:16 | Attr =    ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800000 bytes | Modified Date = 26-08-2004 16:49:40 | Attr =    ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153600 bytes | Modified Date = 26-08-2004 16:49:40 | Attr =    ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
(ElbyCDIO) ElbyCDIO Driver [Kernel | Auto | Running] -> %System32%\drivers\ElbyCDIO.sys -> Elaborate Bytes AG [Ver = 6, 0, 0, 0 | Size = 8064 bytes | Modified Date = 22-04-2006 02:44:40 | Attr =    ]
(ElbyDelay) ElbyDelay [Kernel | On_Demand | Running] -> %System32%\drivers\ElbyDelay.sys -> Elaborate Bytes [Ver = 4, 3, 0, 0 | Size = 3840 bytes | Modified Date = 28-03-2003 16:25:52 | Attr =    ]
(es1371) Creative AudioPCI (ES1371,ES1373) (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\es1371mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 40704 bytes | Modified Date = 17-08-2001 19:19:34 | Attr =    ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] ->  -> File not found
(mraid35x) mraid35x [Kernel | Boot | Stopped] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17-08-2001 20:52:12 | Attr =    ]
(PCIDump) PCIDump [Kernel | System | Stopped] ->  -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] ->  -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(PQNTDrv) PQNTDrv [Kernel | System | Running] -> %System32%\drivers\PQNTDRV.sys -> PowerQuest Corporation [Ver = 8.00.000 | Size = 4228 bytes | Modified Date = 16-09-2002 16:14:32 | Attr =    ]
(Ptilink) Driver til direkte, parallel forbindelse [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.11B | Size = 46080 bytes | Modified Date = 16-05-2006 21:23:54 | Attr =    ]
(ql1080) ql1080 [Kernel | Boot | Stopped] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17-08-2001 20:52:20 | Attr =    ]
(ql12160) ql12160 [Kernel | Boot | Stopped] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17-08-2001 20:52:20 | Attr =    ]
(ql1280) ql1280 [Kernel | Boot | Stopped] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17-08-2001 20:52:18 | Attr =    ]
(rtl8139) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver [Kernel | On_Demand | Running] -> %System32%\drivers\R8139n51.sys -> Realtek Semiconductor Corporation [Ver = 5.504.613.2002 built by: WinDDK | Size = 45568 bytes | Modified Date = 13-06-2002 10:37:16 | Attr =    ]
(Secdrv) Secdrv [Kernel | Auto | Running] -> %System32%\drivers\secdrv.sys -> Macrovision Europe Ltd [Ver = 3.17.000 | Size = 12464 bytes | Modified Date = 15-10-2006 18:33:28 | Attr =    ]
(Simbad) Simbad [Kernel | Disabled | Stopped] ->  -> File not found
(sisagp) SiS AGP Filter [Kernel | Boot | Running] -> %System32%\drivers\SISAGPX.SYS -> Silicon Integrated Systems Corporation [Ver = 7.2.0.1160 built by: WinDDK | Size = 36608 bytes | Modified Date = 20-02-2003 08:18:36 | Attr =    ]
(Sparrow) Sparrow [Kernel | Boot | Stopped] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17-08-2001 21:07:44 | Attr =    ]
(STAC97NA) SigmaTel 3D Environmental Audio [Kernel | On_Demand | Running] -> %System32%\drivers\stac97na.sys -> SigmaTel Inc. [Ver = 6.13.10.9010 | Size = 296179 bytes | Modified Date = 20-09-2002 17:42:32 | Attr =    ]
(STAC97NH) STAC97NH [Kernel | On_Demand | Running] -> %System32%\drivers\stac97nh.sys -> SigmaTel Inc. [Ver = 6.13.10.9010 | Size = 231983 bytes | Modified Date = 20-09-2002 17:43:18 | Attr =    ]
(symc810) symc810 [Kernel | Boot | Stopped] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17-08-2001 21:07:34 | Attr =    ]
(symc8xx) symc8xx [Kernel | Boot | Stopped] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17-08-2001 21:07:36 | Attr =    ]
(sym_hi) sym_hi [Kernel | Boot | Stopped] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17-08-2001 21:07:40 | Attr =    ]
(sym_u3) sym_u3 [Kernel | Boot | Stopped] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17-08-2001 21:07:42 | Attr =    ]
(ultra) ultra [Kernel | Boot | Stopped] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver =  1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 17-08-2001 20:52:22 | Attr =    ]
(usbbus) LGE Mobile Composite USB Device [Kernel | On_Demand | Stopped] -> system32\DRIVERS\lgusbbus.sys -> File not found
(USBCamera) DSC Still Image Capture (CA100) [Kernel | On_Demand | Stopped] -> System32\Drivers\Bulk533.sys -> File not found
(USBModem) LGE Mobile USB Modem [Kernel | On_Demand | Stopped] -> system32\DRIVERS\lgusbmodem.sys -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] ->  -> File not found
(xmasbus) xmasbus [Kernel | Boot | Running] -> %System32%\drivers\xmasbus.sys ->  [Ver = 3.44.0.0 built by: WinDDK | Size = 140800 bytes | Modified Date = 21-12-2003 16:24:22 | Attr =    ]
(xmasscsi) xmasscsi [Kernel | Boot | Running] -> %System32%\drivers\xmasscsi.sys ->  [Ver = 3.44.0.0 built by: WinDDK | Size = 5504 bytes | Modified Date = 20-12-2003 19:03:42 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ACTIVBOARD -> %SystemDrive%\APPS\ABoard\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02-05-2003 10:31:50 | Attr =    ]
ATIModeChange -> %System32%\Ati2mdxx.exe -> ATI Technologies, Inc. [Ver = 4.13.3 | Size = 28672 bytes | Modified Date = 04-09-2001 15:24:26 | Attr =    ]
ATIPTA -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5046 | Size = 335872 bytes | Modified Date = 12-09-2003 20:10:00 | Attr =    ]
AVG7_CC -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 29-10-2006 09:00:16 | Attr =    ]
BootSkin Startup Jobs -> %ProgramFiles%\Stardock\WinCustomize\BootSkin\BootSkin.exe ->  [Ver = 1, 0, 6, 0 | Size = 270336 bytes | Modified Date = 26-04-2004 16:21:00 | Attr =    ]
DAEMON Tools-1033 -> %ProgramFiles%\D-Tools\daemon.exe -> DAEMON'S HOME [Ver = 3.46.0.0 | Size = 81920 bytes | Modified Date = 12-03-2004 22:43:18 | Attr =    ]
Lexmark X1100 Series -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmgr.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 19-08-2003 15:38:42 | Attr =    ]
Microsoft Corp Updates -> synet-ud.exe -> File not found
NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09-07-2001 10:50:42 | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.0 | Size = 77824 bytes | Modified Date = 13-10-2006 20:37:30 | Attr =    ]
RegistryMechanic ->  -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09-11-2006 15:07:30 | Attr =    ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.1622 | Size = 151597 bytes | Modified Date = 13-10-2006 20:38:06 | Attr =    ]
WinampAgent -> %ProgramFiles%\Winamp\winampa.exe ->  [Ver =  | Size = 35328 bytes | Modified Date = 07-06-2006 17:12:04 | Attr =    ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AnyDVD -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. [Ver = 6.0.8.2 | Size = 497152 bytes | Modified Date = 21-10-2006 19:05:00 | Attr =    ]
La_View Mouse -> %ProgramFiles%\AGK Nordic XtremeIT F1\F1Driver.exe ->  [Ver = 2.3 | Size = 2981888 bytes | Modified Date = 24-09-2005 11:12:38 | Attr =    ]
RealPlayer -> %ProgramFiles%\Real\RealOne Player\realplay.exe -> RealNetworks, Inc. [Ver = 6.0.11.853 | Size = 1003520 bytes | Modified Date = 22-01-2007 19:42:24 | Attr =    ]
< Common Startup > -> C:\Documents and Settings\All Users\Menuen Start\Programmer\Start
%AllUsersStartup%\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 110592 bytes | Modified Date = 19-04-2002 21:30:04 | Attr =    ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL ->  -> File not found
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = Min aktuelle startside ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://home.microsoft.com/search/lobby/search.asp ->
HKCU: Search Page -> http://home.microsoft.com/access/allinone.asp ->
HKCU: Start Page -> http://www.google.dk/ ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] ->  ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %SystemDrive%\APPS\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] ->  [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 16-04-2001 17:06:52 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09-11-2006 15:21:52 | Attr =    ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8196 - Sun Java Console ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8193 - Reg Data - Value does not exist ->
{C2A80015-C447-4dc4-82DD-AED83D6ED57E} -> 8195 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Windows Messenger ->
NextId -> 8197 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\npjpi150_10.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 09-11-2006 15:21:54 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09-11-2006 15:21:52 | Attr =    ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Opslag] -> File not found
{C2A80015-C447-4dc4-82DD-AED83D6ED57E} -> %ProgramFiles%\ladbrokesMPP\MPPoker.exe [ButtonText: Ladbrokes Poker] -> Microgaming [Ver = 2, 34, 0, 8 | Size = 49246 bytes | Modified Date = 21-01-2007 21:25:46 | Attr =    ]
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&ksporter til Microsoft Excel ->  -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Proceslinje og menuen Start] -> File not found
{32020A01-506E-484D-A2A8-BE3CF17601C3} [HKLM] -> %ProgramFiles%\Alcohol Soft\Alcohol 120\AXShlEx.dll [AlcoholShellEx] -> Alcohol Soft Development Team [Ver = 1.4.7.1024 | Size = 387584 bytes | Modified Date = 22-12-2003 16:51:40 | Attr =    ]
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Kontrolpanel-udvidelse til skærmpanorering] -> File not found
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Grænsefladeudvidelser til filkomprimering] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Brugerkonti] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Kontekstmenu til kryptering] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal-ikon] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Find Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealOne Player\rpshellext.dll [Shell Extensions for RealOne Player] -> RealNetworks [Ver = 1.0.0.447 | Size = 45105 bytes | Modified Date = 13-10-2006 20:38:08 | Attr =    ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{0E7508AA-BE28-42C2-A26A-DE95AC6A9B3F} ->    () ->
{4CBDA344-F8C1-4894-921A-8157B71BEA22} ->    (1394-netværkskort) ->
{8BE2DF3B-94E0-4118-8C61-B229AB85F4BA} ->    (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160770528187 ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160772767734 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab ->
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} ->  - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ->
{D8089245-3211-40F6-819B-9E5E92CD61A2} -> FlashXControl Object - CodeBase = https://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab ->
DirectAnimation Java Classes ->  - CodeBase = file://C:\WINDOWS\Java\classes\dajava.cab ->
Microsoft XML Parser for Java ->  - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


[Files - Created Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1073270784 bytes | Created Date = 02-01-1601 23:00:00 | Attr =  HS]
vpd.properties -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.properties ->  [Ver =  | Size = 358 bytes | Created Date = 07-01-2007 22:55:00 | Attr =    ]
vpd.script -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.script ->  [Ver =  | Size = 8721 bytes | Created Date = 07-01-2007 22:55:00 | Attr =    ]
engine.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\engine.jar ->  [Ver =  | Size = 2719141 bytes | Created Date = 07-01-2007 23:00:11 | Attr =    ]
macosxppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\macosxppk.jar ->  [Ver =  | Size = 202294 bytes | Created Date = 07-01-2007 23:00:12 | Attr =    ]
windowsppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\windowsppk.jar ->  [Ver =  | Size = 1546107 bytes | Created Date = 07-01-2007 23:00:13 | Attr =    ]
hsqldb.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\library\hsqldb.jar ->  [Ver =  | Size = 258921 bytes | Created Date = 07-01-2007 23:00:12 | Attr =    ]
PowerReg.dat -> %SystemRoot%\PowerReg.dat ->  [Ver =  | Size = 0 bytes | Created Date = 06-01-2007 10:45:20 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 19-01-2007 23:45:08 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 19-01-2007 23:45:08 | Attr =  H ]
CmdLineExt.dll -> %System32%\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,0,201,0 | Size = 98304 bytes | Created Date = 07-01-2007 23:01:23 | Attr =    ]
eSellerateControl350.dll -> %System32%\eSellerateControl350.dll -> eSellerate Inc. [Ver = 3.5.0.0 | Size = 81920 bytes | Created Date = 22-01-2007 20:46:03 | Attr =    ]
esellerateEngine.dll -> %System32%\esellerateEngine.dll -> eSellerate Inc. [Ver = 3.5.6.0 | Size = 352256 bytes | Created Date = 22-01-2007 20:46:03 | Attr =    ]
rmocx.dll -> %System32%\rmocx.dll -> RealNetworks [Ver = 6.0.8.1839 | Size = 147495 bytes | Created Date = 22-01-2007 19:42:23 | Attr =    ]

[Files - Modified Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1073270784 bytes | Modified Date = 23-01-2007 16:55:04 | Attr =  HS]
AdobeFnt.lst -> %CommonProgramFiles%\Adobe\TypeSpt\AdobeFnt.lst ->  [Ver =  | Size = 92581 bytes | Modified Date = 20-01-2007 14:59:24 | Attr =    ]
vpd.properties -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.properties ->  [Ver =  | Size = 358 bytes | Modified Date = 07-01-2007 23:00:16 | Attr =    ]
vpd.script -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.script ->  [Ver =  | Size = 8721 bytes | Modified Date = 07-01-2007 23:00:16 | Attr =    ]
engine.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\engine.jar ->  [Ver =  | Size = 2719141 bytes | Modified Date = 07-01-2007 23:00:14 | Attr =    ]
macosxppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\macosxppk.jar ->  [Ver =  | Size = 202294 bytes | Modified Date = 07-01-2007 23:00:14 | Attr =    ]
windowsppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\windowsppk.jar ->  [Ver =  | Size = 1546107 bytes | Modified Date = 07-01-2007 23:00:16 | Attr =    ]
hsqldb.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\library\hsqldb.jar ->  [Ver =  | Size = 258921 bytes | Modified Date = 07-01-2007 23:00:14 | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 23-01-2007 16:55:10 | Attr =  S]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Modified Date = 18-01-2007 05:40:16 | Attr =    ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 69 bytes | Modified Date = 21-01-2007 21:10:16 | Attr =    ]
PowerReg.dat -> %SystemRoot%\PowerReg.dat ->  [Ver =  | Size = 0 bytes | Modified Date = 06-01-2007 10:45:22 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 23-01-2007 16:55:32 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 23-01-2007 16:55:32 | Attr =  H ]
CmdLineExt.dll -> %System32%\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,0,201,0 | Size = 98304 bytes | Modified Date = 07-01-2007 23:01:24 | Attr =    ]
d3d9caps.dat -> %System32%\d3d9caps.dat ->  [Ver =  | Size = 3580 bytes | Modified Date = 21-01-2007 10:21:14 | Attr =    ]
rmoc3260.dll -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2102 | Size = 24576 bytes | Modified Date = 22-01-2007 19:42:24 | Attr =    ]
rmocx.dll -> %System32%\rmocx.dll -> RealNetworks [Ver = 6.0.8.1839 | Size = 147495 bytes | Modified Date = 22-01-2007 19:42:24 | Attr =    ]
wpa.dbl -> %System32%\wpa.dbl ->  [Ver =  | Size = 1170 bytes | Modified Date = 23-01-2007 16:56:18 | Attr =    ]

[File String Scan - Non-Microsoft Only]
Thawte Consulting ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip ->  [Ver =  | Size = 3290841 bytes | Modified Date = 02-03-2006 16:18:34 | Attr =    ]
USERTRUST ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 12-10-2006 03:41:58 | Attr =    ]
USERTRUST ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4650616 bytes | Modified Date = 09-11-2006 15:38:38 | Attr =    ]
UPX! ,  -> %CommonProgramFiles%\Microsoft Shared\Web Components\11\1030\OWCFUN11.CHM ->  [Ver =  | Size = 599630 bytes | Modified Date = 18-08-2003 14:46:24 | Attr =    ]
PTech ,  -> %CommonProgramFiles%\Microsoft Shared\Works Shared\1030\WkCalLng.dll -> Microsoft® Corporation [Ver = 7.02.0620.0 | Size = 196608 bytes | Modified Date = 28-08-2002 11:21:42 | Attr =    ]
UPX! , UPX0 ,  -> %SystemRoot%\daemon.dll ->  [Ver = 3.46.0.0 | Size = 69120 bytes | Modified Date = 15-03-2004 19:28:50 | Attr =    ]
PEC2 ,  -> %System32%\dfrg.msc ->  [Ver =  | Size = 41123 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
winsync ,  -> %System32%\wbdbase.deu ->  [Ver =  | Size = 1309184 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
UPX! , FSG! , PEC2 , aspack ,  -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 816672 bytes | Modified Date = 02-11-2006 08:58:40 | Attr =    ]
PTech ,  -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 03-08-2004 21:41:38 | Attr =    ]

< End of report >
ejvindh, Expert
23 January 2007 - 20:34 #10
Well, now I finally spotted the crud:

-- Download this file and unpack it to a folder on the desktop:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double-click the file and let it extract itself to a folder in the root of your hard drive (typically: c:\SDfix)

-- Restart in Safe Mode; if you don't know how, look here:
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=23&PN=1

-- Then go into the SDFix folder that you created earlier. Double-click the file RunThis.bat to start the tool. Press "y" to confirm that you are running the tool at your own risk. The tool will then start removing the trojan service and make a few repairs to the registry. At some point it will ask you to press a key to restart the computer. Do so, after which the computer will restart after 15 seconds.

The restart will take a little longer than usual, since the tool needs time to do its work. When the desktop appears, the tool will write "Finished". Then press a key to load your desktop icons again.

Then open the SDFix folder, find the file Report.txt, and copy the contents of that file in here, together with a new log from Hijackthis.
hunter-es-, Beginner
23 January 2007 - 21:13 #11
That has helped A LOT... I'll just make a new log for you..
hunter-es-, Beginner
24 January 2007 - 05:29 #12
WinPFind3 logfile created on: 23-01-2007 21:14:00
WinPFind3U by OldTimer - Version 1.0.11    Folder = C:\Documents and Settings\Hunter\Skrivebord\WinPFind\WinPFind3u\
Microsoft Windows XP Service Pack 2 (Version = 5.1.2600)
Internet Explorer (Version = 7.0.5730.11)

1048048 Kb Total Physical Memory | 687080 Kb Available Physical Memory | 65,56% Memory free
1131088 Kb Paging File | 858848 Kb Available in Paging File | 75,93% Paging File free
Paging file location(s): C:\pagefile.sys 180 360;

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Programmer
Drive C: | 32684208 Kb Total Space | 12023032 Kb Free Space | 36,79% Space Free
Drive D: | 40957684 Kb Total Space | 26569668 Kb Free Space | 64,87% Space Free
Drive E: | 62918540 Kb Total Space | 53877052 Kb Free Space | 85,63% Space Free
Drive F: | 37190472 Kb Total Space | 19132540 Kb Free Space | 51,44% Space Free


[Processes - Non-Microsoft Only]
aboard.exe -> %SystemDrive%\APPS\ABoard\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02-05-2003 10:31:50 | Attr =    ]
anydvd.exe -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. [Ver = 6.0.8.2 | Size = 497152 bytes | Modified Date = 21-10-2006 19:05:00 | Attr =    ]
aosd.exe -> %SystemDrive%\APPS\ABoard\AOSD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 69632 bytes | Modified Date = 02-05-2003 10:31:38 | Attr =    ]
atiptaxx.exe -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5046 | Size = 335872 bytes | Modified Date = 12-09-2003 20:10:00 | Attr =    ]
avgamsvr.exe -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 29-10-2006 09:00:14 | Attr =    ]
avgcc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 29-10-2006 09:00:16 | Attr =    ]
avgemc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.432 | Size = 323072 bytes | Modified Date = 06-12-2006 08:58:54 | Attr =    ]
avgupsvc.exe -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
daemon.exe -> %ProgramFiles%\D-Tools\daemon.exe -> DAEMON'S HOME [Ver = 3.46.0.0 | Size = 81920 bytes | Modified Date = 12-03-2004 22:43:18 | Attr =    ]
f1driver.exe -> %ProgramFiles%\AGK Nordic XtremeIT F1\F1Driver.exe ->  [Ver = 2.3 | Size = 2981888 bytes | Modified Date = 24-09-2005 11:12:38 | Attr =    ]
jusched.exe -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09-11-2006 15:07:30 | Attr =    ]
lexbces.exe -> %System32%\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 18-08-2003 15:37:10 | Attr =    ]
lexpps.exe -> %System32%\LEXPPS.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 174592 bytes | Modified Date = 18-08-2003 15:32:56 | Attr =    ]
lssrvc.exe -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.31.1 | Size = 53248 bytes | Modified Date = 20-06-2005 22:10:30 | Attr =    ]
lxbkbmgr.exe -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmgr.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 19-08-2003 15:38:42 | Attr =    ]
lxbkbmon.exe -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmon.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 53248 bytes | Modified Date = 19-08-2003 16:00:40 | Attr =    ]
qttask.exe -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.0 | Size = 77824 bytes | Modified Date = 13-10-2006 20:37:30 | Attr =    ]
realsched.exe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.1622 | Size = 151597 bytes | Modified Date = 13-10-2006 20:38:06 | Attr =    ]
winampa.exe -> %ProgramFiles%\Winamp\winampa.exe ->  [Ver =  | Size = 35328 bytes | Modified Date = 07-06-2006 17:12:04 | Attr =    ]
winpfind3u.exe -> %UserDesktop%\WinPFind\WinPFind3u\WinPFind3U.exe -> Oldtimer Tools [Ver = 1.0.11.0 | Size = 306176 bytes | Modified Date = 18-01-2007 18:01:14 | Attr =    ]

[Win32 Services - Non-Microsoft Only]
(ATI Smart) ATI Smart [Win32_Own | Auto | Stopped] -> %System32%\ati2sgag.exe ->  [Ver = 5.13.0013 | Size = 114688 bytes | Modified Date = 12-09-2003 20:10:00 | Attr =    ]
(Avg7Alrt) AVG7 Alert Manager Server [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgamsvr.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 343552 bytes | Modified Date = 29-10-2006 09:00:14 | Attr =    ]
(Avg7UpdSvc) AVG7 Update Service [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgupsvc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.420 | Size = 49664 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(AVGEMS) AVG E-mail Scanner [Win32_Own | Auto | Running] -> %ProgramFiles%\Grisoft\AVG Free\avgemc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.432 | Size = 323072 bytes | Modified Date = 06-12-2006 08:58:54 | Attr =    ]
(dmadmin) Logical Disk Manager Administrative Service [Win32_Shared | On_Demand | Stopped] -> %System32%\dmadmin.exe -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 225280 bytes | Modified Date = 26-08-2004 16:53:50 | Attr =    ]
(LexBceS) LexBce Server [Win32_Own | Auto | Running] -> %System32%\LEXBCES.EXE -> Lexmark International, Inc. [Ver = 8.29 | Size = 303104 bytes | Modified Date = 18-08-2003 15:37:10 | Attr =    ]
(LightScribeService) LightScribeService Direct Disc Labeling Service [Win32_Own | Auto | Running] -> %CommonProgramFiles%\LightScribe\LSSrvc.exe -> Hewlett-Packard Company [Ver = 1.4.31.1 | Size = 53248 bytes | Modified Date = 20-06-2005 22:10:30 | Attr =    ]

[Driver Services - Non-Microsoft Only]
(Abiosdsk) Abiosdsk [Kernel | Disabled | Stopped] ->  -> File not found
(AliIde) AliIde [Kernel | Boot | Stopped] -> %System32%\drivers\aliide.sys -> Acer Laboratories Inc. [Ver = 1.20 | Size = 5248 bytes | Modified Date = 17-08-2001 20:51:56 | Attr =    ]
(amdagp) Filterdriver til AMD AGP-bus [Kernel | Boot | Stopped] -> %System32%\drivers\amdagp.sys -> Advanced Micro Devices, Inc. [Ver = 5.00 (xpsp_sp2_rtm.040803-2158) | Size = 43008 bytes | Modified Date = 03-08-2004 22:07:44 | Attr =    ]
(AnyDVD) AnyDVD [Kernel | On_Demand | Running] -> %System32%\drivers\AnyDVD.sys -> SlySoft, Inc. [Ver = 6.0.8.2 | Size = 20096 bytes | Modified Date = 20-10-2006 18:42:42 | Attr =    ]
(asc) asc [Kernel | Boot | Stopped] -> %System32%\drivers\asc.sys -> Advanced System Products, Inc. [Ver = 2.9I-MS (XPClient.010817-1148) | Size = 26496 bytes | Modified Date = 17-08-2001 20:52:00 | Attr =    ]
(asc3550) asc3550 [Kernel | Boot | Stopped] -> %System32%\drivers\asc3550.sys -> Advanced System Products, Inc. [Ver = 3.1E-MS (XPClient.010817-1148) | Size = 14848 bytes | Modified Date = 17-08-2001 20:51:58 | Attr =    ]
(atapi) Standard IDE/ESDI-harddiskcontroller [Kernel | Boot | Running] -> %System32%\drivers\atapi.sys ->  [Ver =  | Size = 95360 bytes | Modified Date = 03-08-2004 21:59:44 | Attr =    ]
(Atdisk) Atdisk [Kernel | Disabled | Stopped] ->  -> File not found
(ati2mtag) ati2mtag [Kernel | On_Demand | Running] -> %System32%\drivers\ati2mtag.sys -> ATI Technologies Inc. [Ver = 6.14.10.6387 | Size = 611328 bytes | Modified Date = 12-09-2003 21:43:06 | Attr =    ]
(Avg7Core) AVG7 Kernel [Kernel | System | Running] -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 816672 bytes | Modified Date = 02-11-2006 08:58:40 | Attr =    ]
(Avg7RsW) AVG7 Wrap Driver [Kernel | System | Running] -> %System32%\drivers\avg7rsw.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,340 | Size = 4224 bytes | Modified Date = 29-10-2006 09:00:22 | Attr =    ]
(Avg7RsXP) AVG7 Resident Driver XP [Kernel | System | Running] -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7,1,0,398 | Size = 28416 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(AvgClean) AVG7 Clean Driver [Kernel | System | Running] -> %System32%\drivers\avgclean.sys -> GRISOFT, s.r.o. [Ver = 1.0.0.14 | Size = 3968 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(AvgTdi) AVG Network Redirector [Kernel | Auto | Running] -> %System32%\drivers\avgtdi.sys -> GRISOFT, s.r.o. [Ver = 7,0,0,346 | Size = 4960 bytes | Modified Date = 29-10-2006 09:00:20 | Attr =    ]
(BootScreen) BootScreen [Kernel | Boot | Stopped] -> %System32%\drivers\vidstub.sys ->  [Ver =  | Size = 163712 bytes | Modified Date = 09-12-2006 07:34:26 | Attr =    ]
(Ca533av) MD Slimline, WDM Video Capture [Kernel | Auto | Stopped] -> System32\Drivers\Ca533av.sys -> File not found
(Changer) Changer [Kernel | System | Stopped] ->  -> File not found
(CmdIde) CmdIde [Kernel | Boot | Stopped] -> %System32%\drivers\cmdide.sys -> CMD Technology, Inc. [Ver = 2.0.7 (XPClient.010817-1148) | Size = 6656 bytes | Modified Date = 04-10-2001 15:34:58 | Attr =    ]
(d346bus) d346bus [Kernel | Boot | Running] -> %System32%\drivers\d346bus.sys ->  [Ver = 3.46.0.0 built by: WinDDK | Size = 156800 bytes | Modified Date = 12-03-2004 22:41:28 | Attr =    ]
(d346prt) d346prt [Kernel | Boot | Running] -> %System32%\drivers\d346prt.sys ->  [Ver = 3.46.0.0 built by: WinDDK | Size = 5248 bytes | Modified Date = 12-03-2004 22:41:42 | Attr =    ]
(dac2w2k) dac2w2k [Kernel | Boot | Stopped] -> %System32%\drivers\dac2w2k.sys -> Mylex Corporation [Ver = 6.00-21 (XPClient.010817-1148) | Size = 179584 bytes | Modified Date = 17-08-2001 20:52:16 | Attr =    ]
(dmboot) dmboot [Kernel | Disabled | Stopped] -> %System32%\drivers\dmboot.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 800000 bytes | Modified Date = 26-08-2004 16:49:40 | Attr =    ]
(dmio) dmio [Kernel | Disabled | Stopped] -> %System32%\drivers\dmio.sys -> Microsoft Corp., Veritas Software [Ver = 2600.2180.503.0 | Size = 153600 bytes | Modified Date = 26-08-2004 16:49:40 | Attr =    ]
(dmload) dmload [Kernel | Disabled | Stopped] -> %System32%\drivers\dmload.sys -> Microsoft Corp., Veritas Software. [Ver = 2600.0.503.0 | Size = 5888 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
(ElbyCDIO) ElbyCDIO Driver [Kernel | Auto | Running] -> %System32%\drivers\ElbyCDIO.sys -> Elaborate Bytes AG [Ver = 6, 0, 0, 0 | Size = 8064 bytes | Modified Date = 22-04-2006 02:44:40 | Attr =    ]
(ElbyDelay) ElbyDelay [Kernel | On_Demand | Running] -> %System32%\drivers\ElbyDelay.sys -> Elaborate Bytes [Ver = 4, 3, 0, 0 | Size = 3840 bytes | Modified Date = 28-03-2003 16:25:52 | Attr =    ]
(es1371) Creative AudioPCI (ES1371,ES1373) (WDM) [Kernel | On_Demand | Running] -> %System32%\drivers\es1371mp.sys -> Creative Technology Ltd. [Ver = 5.1.2501.0 built by: WinDDK | Size = 40704 bytes | Modified Date = 17-08-2001 19:19:34 | Attr =    ]
(lbrtfdc) lbrtfdc [Kernel | System | Stopped] ->  -> File not found
(mraid35x) mraid35x [Kernel | Boot | Stopped] -> %System32%\drivers\mraid35x.sys -> American Megatrends Inc. [Ver = 6.19 (XPClient.010817-1148) | Size = 17280 bytes | Modified Date = 17-08-2001 20:52:12 | Attr =    ]
(PCIDump) PCIDump [Kernel | System | Stopped] ->  -> File not found
(PDCOMP) PDCOMP [Kernel | On_Demand | Stopped] ->  -> File not found
(PDFRAME) PDFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRELI) PDRELI [Kernel | On_Demand | Stopped] ->  -> File not found
(PDRFRAME) PDRFRAME [Kernel | On_Demand | Stopped] ->  -> File not found
(PQNTDrv) PQNTDrv [Kernel | System | Running] -> %System32%\drivers\PQNTDRV.sys -> PowerQuest Corporation [Ver = 8.00.000 | Size = 4228 bytes | Modified Date = 16-09-2002 16:14:32 | Attr =    ]
(Ptilink) Driver til direkte, parallel forbindelse [Kernel | On_Demand | Running] -> %System32%\drivers\ptilink.sys -> Parallel Technologies, Inc. [Ver = 1.10 (XPClient.010817-1148) | Size = 17792 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
(PxHelp20) PxHelp20 [Kernel | Boot | Running] -> %System32%\drivers\pxhelp20.sys -> Sonic Solutions [Ver = 3.00.11B | Size = 46080 bytes | Modified Date = 16-05-2006 21:23:54 | Attr =    ]
(ql1080) ql1080 [Kernel | Boot | Stopped] -> %System32%\drivers\ql1080.sys -> QLogic Corporation [Ver = 3.04 | Size = 40320 bytes | Modified Date = 17-08-2001 20:52:20 | Attr =    ]
(ql12160) ql12160 [Kernel | Boot | Stopped] -> %System32%\drivers\ql12160.sys -> QLogic Corporation [Ver = 7.13.02 (W64) | Size = 45312 bytes | Modified Date = 17-08-2001 20:52:20 | Attr =    ]
(ql1280) ql1280 [Kernel | Boot | Stopped] -> %System32%\drivers\ql1280.sys -> QLogic Corporation [Ver = 7.13.01 (W2K) | Size = 49024 bytes | Modified Date = 17-08-2001 20:52:18 | Attr =    ]
(rtl8139) Realtek RTL8139/810x Family Fast Ethernet NIC NT Driver [Kernel | On_Demand | Running] -> %System32%\drivers\R8139n51.sys -> Realtek Semiconductor Corporation [Ver = 5.504.613.2002 built by: WinDDK | Size = 45568 bytes | Modified Date = 13-06-2002 10:37:16 | Attr =    ]
(Secdrv) Secdrv [Kernel | Auto | Running] -> %System32%\drivers\secdrv.sys -> Macrovision Europe Ltd [Ver = 3.17.000 | Size = 12464 bytes | Modified Date = 15-10-2006 18:33:28 | Attr =    ]
(Simbad) Simbad [Kernel | Disabled | Stopped] ->  -> File not found
(sisagp) SiS AGP Filter [Kernel | Boot | Running] -> %System32%\drivers\SISAGPX.SYS -> Silicon Integrated Systems Corporation [Ver = 7.2.0.1160 built by: WinDDK | Size = 36608 bytes | Modified Date = 20-02-2003 08:18:36 | Attr =    ]
(Sparrow) Sparrow [Kernel | Boot | Stopped] -> %System32%\drivers\sparrow.sys -> Adaptec, Inc. [Ver = v2.0a (ReleaseBinaries.001205-1804) | Size = 19072 bytes | Modified Date = 17-08-2001 21:07:44 | Attr =    ]
(STAC97NA) SigmaTel 3D Environmental Audio [Kernel | On_Demand | Running] -> %System32%\drivers\stac97na.sys -> SigmaTel Inc. [Ver = 6.13.10.9010 | Size = 296179 bytes | Modified Date = 20-09-2002 17:42:32 | Attr =    ]
(STAC97NH) STAC97NH [Kernel | On_Demand | Running] -> %System32%\drivers\stac97nh.sys -> SigmaTel Inc. [Ver = 6.13.10.9010 | Size = 231983 bytes | Modified Date = 20-09-2002 17:43:18 | Attr =    ]
(symc810) symc810 [Kernel | Boot | Stopped] -> %System32%\drivers\symc810.sys -> Symbios Logic Inc. [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 16256 bytes | Modified Date = 17-08-2001 21:07:34 | Attr =    ]
(symc8xx) symc8xx [Kernel | Boot | Stopped] -> %System32%\drivers\symc8xx.sys -> LSI Logic [Ver = 5.1.2409.1 (ReleaseBinaries.001205-1804) | Size = 32640 bytes | Modified Date = 17-08-2001 21:07:36 | Attr =    ]
(sym_hi) sym_hi [Kernel | Boot | Stopped] -> %System32%\drivers\sym_hi.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 28384 bytes | Modified Date = 17-08-2001 21:07:40 | Attr =    ]
(sym_u3) sym_u3 [Kernel | Boot | Stopped] -> %System32%\drivers\sym_u3.sys -> LSI Logic [Ver = 5.1.2462.0 (Lab01_N.010309-0027) | Size = 30688 bytes | Modified Date = 17-08-2001 21:07:42 | Attr =    ]
(ultra) ultra [Kernel | Boot | Stopped] -> %System32%\drivers\ultra.sys -> Promise Technology, Inc. [Ver =  1.43 (Build 0603) | Size = 36736 bytes | Modified Date = 17-08-2001 20:52:22 | Attr =    ]
(usbbus) LGE Mobile Composite USB Device [Kernel | On_Demand | Stopped] -> system32\DRIVERS\lgusbbus.sys -> File not found
(USBCamera) DSC Still Image Capture (CA100) [Kernel | On_Demand | Stopped] -> System32\Drivers\Bulk533.sys -> File not found
(USBModem) LGE Mobile USB Modem [Kernel | On_Demand | Stopped] -> system32\DRIVERS\lgusbmodem.sys -> File not found
(WDICA) WDICA [Kernel | On_Demand | Stopped] ->  -> File not found
(xmasbus) xmasbus [Kernel | Boot | Running] -> %System32%\drivers\xmasbus.sys ->  [Ver = 3.44.0.0 built by: WinDDK | Size = 140800 bytes | Modified Date = 21-12-2003 16:24:22 | Attr =    ]
(xmasscsi) xmasscsi [Kernel | Boot | Running] -> %System32%\drivers\xmasscsi.sys ->  [Ver = 3.44.0.0 built by: WinDDK | Size = 5504 bytes | Modified Date = 20-12-2003 19:03:42 | Attr =    ]

[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
ACTIVBOARD -> %SystemDrive%\APPS\ABoard\ABOARD.EXE -> NEC Computers International [Ver = 1, 2, 0, 0 | Size = 24576 bytes | Modified Date = 02-05-2003 10:31:50 | Attr =    ]
ATIModeChange -> %System32%\Ati2mdxx.exe -> ATI Technologies, Inc. [Ver = 4.13.3 | Size = 28672 bytes | Modified Date = 04-09-2001 15:24:26 | Attr =    ]
ATIPTA -> %SystemDrive%\ATI Technologies\ATI Control Panel\atiptaxx.exe -> ATI Technologies, Inc. [Ver = 6.14.10.5046 | Size = 335872 bytes | Modified Date = 12-09-2003 20:10:00 | Attr =    ]
AVG7_CC -> %ProgramFiles%\Grisoft\AVG Free\avgcc.exe -> GRISOFT, s.r.o. [Ver = 7.5.0.418 | Size = 406016 bytes | Modified Date = 29-10-2006 09:00:16 | Attr =    ]
BootSkin Startup Jobs -> %ProgramFiles%\Stardock\WinCustomize\BootSkin\BootSkin.exe ->  [Ver = 1, 0, 6, 0 | Size = 270336 bytes | Modified Date = 26-04-2004 16:21:00 | Attr =    ]
DAEMON Tools-1033 -> %ProgramFiles%\D-Tools\daemon.exe -> DAEMON'S HOME [Ver = 3.46.0.0 | Size = 81920 bytes | Modified Date = 12-03-2004 22:43:18 | Attr =    ]
Lexmark X1100 Series -> %ProgramFiles%\Lexmark X1100 Series\lxbkbmgr.exe -> Lexmark International, Inc. [Ver = 0.1.1.1 | Size = 57344 bytes | Modified Date = 19-08-2003 15:38:42 | Attr =    ]
NeroFilterCheck -> %System32%\NeroCheck.exe -> Ahead Software Gmbh [Ver = 1, 0, 0, 2 | Size = 155648 bytes | Modified Date = 09-07-2001 10:50:42 | Attr =    ]
QuickTime Task -> %ProgramFiles%\QuickTime\qttask.exe -> Apple Computer, Inc. [Ver = 6.0 | Size = 77824 bytes | Modified Date = 13-10-2006 20:37:30 | Attr =    ]
RegistryMechanic ->  -> File not found
SunJavaUpdateSched -> %ProgramFiles%\Java\jre1.5.0_10\bin\jusched.exe -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 49263 bytes | Modified Date = 09-11-2006 15:07:30 | Attr =    ]
TkBellExe -> %CommonProgramFiles%\Real\Update_OB\realsched.exe -> RealNetworks, Inc. [Ver = 0.1.0.1622 | Size = 151597 bytes | Modified Date = 13-10-2006 20:38:06 | Attr =    ]
WinampAgent -> %ProgramFiles%\Winamp\winampa.exe ->  [Ver =  | Size = 35328 bytes | Modified Date = 07-06-2006 17:12:04 | Attr =    ]
< OptionalComponents [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\
IMAIL -> Installed = 1 ->
MAPI -> Installed = 1 ->
MSFS -> Installed = 1 ->
< Run [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
AnyDVD -> %ProgramFiles%\SlySoft\AnyDVD\AnyDVD.exe -> SlySoft, Inc. [Ver = 6.0.8.2 | Size = 497152 bytes | Modified Date = 21-10-2006 19:05:00 | Attr =    ]
La_View Mouse -> %ProgramFiles%\AGK Nordic XtremeIT F1\F1Driver.exe ->  [Ver = 2.3 | Size = 2981888 bytes | Modified Date = 24-09-2005 11:12:38 | Attr =    ]
RealPlayer -> %ProgramFiles%\Real\RealOne Player\realplay.exe -> RealNetworks, Inc. [Ver = 6.0.11.853 | Size = 1003520 bytes | Modified Date = 22-01-2007 19:42:24 | Attr =    ]
< Common Startup > -> C:\Documents and Settings\All Users\Menuen Start\Programmer\Start
%AllUsersStartup%\Adobe Gamma Loader.lnk -> %CommonProgramFiles%\Adobe\Calibration\Adobe Gamma Loader.exe -> Adobe Systems, Inc. [Ver = 1, 0, 0, 1 | Size = 110592 bytes | Modified Date = 19-04-2002 21:30:04 | Attr =    ]
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL ->  -> File not found
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\ ->  ->
-> HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = Min aktuelle startside ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
< HOSTS File > -> C:\WINDOWS\System32\drivers\etc\Hosts
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: Main\\Default_Search_URL -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://go.microsoft.com/fwlink/?LinkId=54896 ->
HKLM: Start Page -> http://go.microsoft.com/fwlink/?LinkId=69157 ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://home.microsoft.com/search/lobby/search.asp ->
HKCU: Search Page -> http://home.microsoft.com/access/allinone.asp ->
HKCU: Start Page -> http://www.google.dk/ ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] ->  ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %SystemDrive%\APPS\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx [AcroIEHlprObj Class] ->  [Ver = 1, 0, 0, 1 | Size = 37808 bytes | Modified Date = 16-04-2001 17:06:52 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09-11-2006 15:21:52 | Attr =    ]
< Internet Explorer Bars [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8196 - Sun Java Console ->
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> 8193 - Reg Data - Value does not exist ->
{C2A80015-C447-4dc4-82DD-AED83D6ED57E} -> 8195 - Reg Data - Value does not exist ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8194 - Windows Messenger ->
NextId -> 8197 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_10\bin\npjpi150_10.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 75528 bytes | Modified Date = 09-11-2006 15:21:54 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_10\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.100.3 | Size = 440056 bytes | Modified Date = 09-11-2006 15:21:52 | Attr =    ]
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -> Reg Data - Value does not exist [ButtonText: Opslag] -> File not found
{C2A80015-C447-4dc4-82DD-AED83D6ED57E} -> %ProgramFiles%\ladbrokesMPP\MPPoker.exe [ButtonText: Ladbrokes Poker] -> Microgaming [Ver = 2, 34, 0, 8 | Size = 49246 bytes | Modified Date = 21-01-2007 21:25:46 | Attr =    ]
{e2e2dd38-d088-4134-82b7-f2ba38496583} [HKLM] -> Reg Data - Key not found [MenuText: @xpsp3res.dll,-20001] -> File not found
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&ksporter til Microsoft Excel ->  -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Proceslinje og menuen Start] -> File not found
{32020A01-506E-484D-A2A8-BE3CF17601C3} [HKLM] -> %ProgramFiles%\Alcohol Soft\Alcohol 120\AXShlEx.dll [AlcoholShellEx] -> Alcohol Soft Development Team [Ver = 1.4.7.1024 | Size = 387584 bytes | Modified Date = 22-12-2003 16:51:40 | Attr =    ]
{32683183-48a0-441b-a342-7c2a440a9478} [HKLM] -> Reg Data - Key not found [Media Band] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Kontrolpanel-udvidelse til skærmpanorering] -> File not found
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Grænsefladeudvidelser til filkomprimering] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Brugerkonti] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Kontekstmenu til kryptering] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal-ikon] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Find Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR shell extension] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealOne Player\rpshellext.dll [Shell Extensions for RealOne Player] -> RealNetworks [Ver = 1.0.0.447 | Size = 45105 bytes | Modified Date = 13-10-2006 20:38:08 | Attr =    ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
< ContextMenuHandlers - Directory [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Directory\shellex\ContextMenuHandlers\
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 29-10-2006 09:00:18 | Attr =    ]
{B41DB860-8EE4-11D2-9906-E49FADC173CA} [HKLM] -> %ProgramFiles%\WinRAR\RarExt.dll [WinRAR] ->  [Ver =  | Size = 121344 bytes | Modified Date = 08-09-2004 18:51:54 | Attr =    ]
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{0E7508AA-BE28-42C2-A26A-DE95AC6A9B3F} ->    () ->
{4CBDA344-F8C1-4894-921A-8157B71BEA22} ->    (1394-netværkskort) ->
{8BE2DF3B-94E0-4118-8C61-B229AB85F4BA} ->    (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{6414512B-B978-451D-A0D8-FCFDF33E833C} -> WUWebControl Class - CodeBase = http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1160770528187 ->
{6E32070A-766D-4EE6-879C-DC1FA91D2FC3} -> MUWebControl Class - CodeBase = http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1160772767734 ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab ->
{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_09 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_09-windows-i586.cab ->
{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_10 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab ->
{D27CDB6E-AE6D-11CF-96B8-444553540000} ->  - CodeBase = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab ->
{D8089245-3211-40F6-819B-9E5E92CD61A2} -> FlashXControl Object - CodeBase = https://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab ->
DirectAnimation Java Classes ->  - CodeBase = file://C:\WINDOWS\Java\classes\dajava.cab ->
Microsoft XML Parser for Java ->  - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->


[Files - Created Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1073270784 bytes | Created Date = 02-01-1601 23:00:00 | Attr =  HS]
vpd.properties -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.properties ->  [Ver =  | Size = 358 bytes | Created Date = 07-01-2007 22:55:00 | Attr =    ]
vpd.script -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.script ->  [Ver =  | Size = 8721 bytes | Created Date = 07-01-2007 22:55:00 | Attr =    ]
engine.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\engine.jar ->  [Ver =  | Size = 2719141 bytes | Created Date = 07-01-2007 23:00:11 | Attr =    ]
macosxppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\macosxppk.jar ->  [Ver =  | Size = 202294 bytes | Created Date = 07-01-2007 23:00:12 | Attr =    ]
windowsppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\windowsppk.jar ->  [Ver =  | Size = 1546107 bytes | Created Date = 07-01-2007 23:00:13 | Attr =    ]
hsqldb.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\library\hsqldb.jar ->  [Ver =  | Size = 258921 bytes | Created Date = 07-01-2007 23:00:12 | Attr =    ]
PowerReg.dat -> %SystemRoot%\PowerReg.dat ->  [Ver =  | Size = 0 bytes | Created Date = 06-01-2007 10:45:20 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Created Date = 19-01-2007 23:45:08 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Created Date = 19-01-2007 23:45:08 | Attr =  H ]
CmdLineExt.dll -> %System32%\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,0,201,0 | Size = 98304 bytes | Created Date = 07-01-2007 23:01:23 | Attr =    ]
eSellerateControl350.dll -> %System32%\eSellerateControl350.dll -> eSellerate Inc. [Ver = 3.5.0.0 | Size = 81920 bytes | Created Date = 22-01-2007 20:46:03 | Attr =    ]
esellerateEngine.dll -> %System32%\esellerateEngine.dll -> eSellerate Inc. [Ver = 3.5.6.0 | Size = 352256 bytes | Created Date = 22-01-2007 20:46:03 | Attr =    ]
rmocx.dll -> %System32%\rmocx.dll -> RealNetworks [Ver = 6.0.8.1839 | Size = 147495 bytes | Created Date = 22-01-2007 19:42:23 | Attr =    ]

[Files - Modified Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 1073270784 bytes | Modified Date = 23-01-2007 21:07:50 | Attr =  HS]
AdobeFnt.lst -> %CommonProgramFiles%\Adobe\TypeSpt\AdobeFnt.lst ->  [Ver =  | Size = 92581 bytes | Modified Date = 20-01-2007 14:59:24 | Attr =    ]
vpd.properties -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.properties ->  [Ver =  | Size = 358 bytes | Modified Date = 07-01-2007 23:00:16 | Attr =    ]
vpd.script -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\_vpddb\vpd.script ->  [Ver =  | Size = 8721 bytes | Modified Date = 07-01-2007 23:00:16 | Attr =    ]
engine.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\engine.jar ->  [Ver =  | Size = 2719141 bytes | Modified Date = 07-01-2007 23:00:14 | Attr =    ]
macosxppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\macosxppk.jar ->  [Ver =  | Size = 202294 bytes | Modified Date = 07-01-2007 23:00:14 | Attr =    ]
windowsppk.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\ext\windowsppk.jar ->  [Ver =  | Size = 1546107 bytes | Modified Date = 07-01-2007 23:00:16 | Attr =    ]
hsqldb.jar -> %CommonProgramFiles%\InstallShield\Universal\common\Gen1\engine\1.0\library\hsqldb.jar ->  [Ver =  | Size = 258921 bytes | Modified Date = 07-01-2007 23:00:14 | Attr =    ]
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 23-01-2007 21:07:54 | Attr =  S]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Modified Date = 18-01-2007 05:40:16 | Attr =    ]
NeroDigital.ini -> %SystemRoot%\NeroDigital.ini ->  [Ver =  | Size = 69 bytes | Modified Date = 21-01-2007 21:10:16 | Attr =    ]
PowerReg.dat -> %SystemRoot%\PowerReg.dat ->  [Ver =  | Size = 0 bytes | Modified Date = 06-01-2007 10:45:22 | Attr =    ]
QTFont.for -> %SystemRoot%\QTFont.for ->  [Ver =  | Size = 1409 bytes | Modified Date = 23-01-2007 21:11:06 | Attr =    ]
QTFont.qfn -> %SystemRoot%\QTFont.qfn ->  [Ver =  | Size = 54156 bytes | Modified Date = 23-01-2007 21:11:06 | Attr =  H ]
CmdLineExt.dll -> %System32%\CmdLineExt.dll -> Sony DADC Austria AG. [Ver = 1,0,201,0 | Size = 98304 bytes | Modified Date = 07-01-2007 23:01:24 | Attr =    ]
d3d9caps.dat -> %System32%\d3d9caps.dat ->  [Ver =  | Size = 3580 bytes | Modified Date = 21-01-2007 10:21:14 | Attr =    ]
rmoc3260.dll -> %System32%\rmoc3260.dll -> RealNetworks, Inc. [Ver = 6.0.9.2102 | Size = 24576 bytes | Modified Date = 22-01-2007 19:42:24 | Attr =    ]
rmocx.dll -> %System32%\rmocx.dll -> RealNetworks [Ver = 6.0.8.1839 | Size = 147495 bytes | Modified Date = 22-01-2007 19:42:24 | Attr =    ]
wpa.dbl -> %System32%\wpa.dbl ->  [Ver =  | Size = 1170 bytes | Modified Date = 23-01-2007 21:09:02 | Attr =    ]

[File String Scan - Non-Microsoft Only]
Thawte Consulting ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\core3.zip ->  [Ver =  | Size = 3290841 bytes | Modified Date = 02-03-2006 16:18:34 | Attr =    ]
USERTRUST ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_09.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4490872 bytes | Modified Date = 12-10-2006 03:41:58 | Attr =    ]
USERTRUST ,  -> %CommonProgramFiles%\Java\Update\Base Images\jre1.5.0.b64\patch-jre1.5.0_10.b03\patchjre.exe -> Sun Microsystems, Inc. [Ver = 1, 0, 0, 1 | Size = 4650616 bytes | Modified Date = 09-11-2006 15:38:38 | Attr =    ]
UPX! ,  -> %CommonProgramFiles%\Microsoft Shared\Web Components\11\1030\OWCFUN11.CHM ->  [Ver =  | Size = 599630 bytes | Modified Date = 18-08-2003 14:46:24 | Attr =    ]
PTech ,  -> %CommonProgramFiles%\Microsoft Shared\Works Shared\1030\WkCalLng.dll -> Microsoft® Corporation [Ver = 7.02.0620.0 | Size = 196608 bytes | Modified Date = 28-08-2002 11:21:42 | Attr =    ]
UPX! , UPX0 ,  -> %SystemRoot%\daemon.dll ->  [Ver = 3.46.0.0 | Size = 69120 bytes | Modified Date = 15-03-2004 19:28:50 | Attr =    ]
PEC2 ,  -> %System32%\dfrg.msc ->  [Ver =  | Size = 41123 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
winsync ,  -> %System32%\wbdbase.deu ->  [Ver =  | Size = 1309184 bytes | Modified Date = 16-09-2002 11:00:00 | Attr =    ]
UPX! , FSG! , PEC2 , aspack ,  -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.429 | Size = 816672 bytes | Modified Date = 02-11-2006 08:58:40 | Attr =    ]
PTech ,  -> %System32%\drivers\mtlstrm.sys -> Smart Link [Ver = 3.80.01MC15 | Size = 1309184 bytes | Modified Date = 03-08-2004 21:41:38 | Attr =    ]

< End of report >
ejvindh Expert
24 January 2007 - 08:28 #13
That looks reasonable. Could you also post the log from SDFix here? Then I can get a better overview of whether there is more that needs to be removed.
hunter-es- Beginner
24 January 2007 - 16:09 #14
SDFix: Version 1.62

23-01-2007 - 21:04:10,03

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:

Path:


Restoring Windows Registry Entries
Restoring Default Hosts File


Rebooting...

Normal Mode:
Checking Files:

Files will be copied to Backups folder and removed:

C:\WINDOWS\system32\plugin1.dat - Deleted



Alternate Streams Check:

C:\WINDOWS\system32
No streams found.

                                Final Check:

Remaining Services:
------------------


Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programmer\\MSN Messenger\\msnmsgr.exe"="C:\\Programmer\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Programmer\\MSN Messenger\\msncall.exe"="C:\\Programmer\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Programmer\\NovaLogic\\Joint Operations Typhoon Rising\\UPDATE.EXE"="C:\\Programmer\\NovaLogic\\Joint Operations Typhoon Rising\\UPDATE.EXE:*:Enabled:UPDATE"
"C:\\Programmer\\NovaLogic\\Delta Force Black Hawk Down\\UPDATE.EXE"="C:\\Programmer\\NovaLogic\\Delta Force Black Hawk Down\\UPDATE.EXE:*:Enabled:UPDATE"
"C:\\Programmer\\NovaLogic\\Delta Force Black Hawk Down\\DFBHD.EXE"="C:\\Programmer\\NovaLogic\\Delta Force Black Hawk Down\\DFBHD.EXE:*:Enabled:DFBHD"
"C:\\Programmer\\NovaLogic\\Joint Operations Typhoon Rising\\Jointops.exe"="C:\\Programmer\\NovaLogic\\Joint Operations Typhoon Rising\\Jointops.exe:*:Enabled:Jointops"
"C:\\Programmer\\DFPinger\\DFBHDPinger\\DFBHDPinger.exe"="C:\\Programmer\\DFPinger\\DFBHDPinger\\DFBHDPinger.exe:*:Enabled:DFBHDPinger"
"C:\\Programmer\\Grisoft\\AVG Free\\avginet.exe"="C:\\Programmer\\Grisoft\\AVG Free\\avginet.exe:*:Enabled:avginet.exe"
"C:\\Programmer\\Grisoft\\AVG Free\\avgamsvr.exe"="C:\\Programmer\\Grisoft\\AVG Free\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\\Programmer\\Grisoft\\AVG Free\\avgcc.exe"="C:\\Programmer\\Grisoft\\AVG Free\\avgcc.exe:*:Enabled:avgcc.exe"
"C:\\Programmer\\Grisoft\\AVG Free\\avgemc.exe"="C:\\Programmer\\Grisoft\\AVG Free\\avgemc.exe:*:Enabled:avgemc.exe"
"C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"="C:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe:*:Enabled:Fjernsupport - Windows Messenger og samtale"
"C:\\Programmer\\SmartFTP Client 2.0\\SmartFTP.exe"="C:\\Programmer\\SmartFTP Client 2.0\\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0"
"C:\\Programmer\\EA GAMES\\Battlefield 1942\\BF1942.exe"="C:\\Programmer\\EA GAMES\\Battlefield 1942\\BF1942.exe:*:Enabled:BF1942"
"C:\\Programmer\\NovaLogic\\Delta Force Task Force Dagger\\Update.exe"="C:\\Programmer\\NovaLogic\\Delta Force Task Force Dagger\\Update.exe:*:Enabled:Update"
"C:\\Programmer\\NovaLogic\\Delta Force Task Force Dagger\\DFTFD.exe"="C:\\Programmer\\NovaLogic\\Delta Force Task Force Dagger\\DFTFD.exe:*:Enabled:DFTFD"
"C:\\Programmer\\NovaLogic\\Delta Force Land Warrior\\Update.exe"="C:\\Programmer\\NovaLogic\\Delta Force Land Warrior\\Update.exe:*:Enabled:Update"
"C:\\Programmer\\NovaLogic\\Delta Force Land Warrior\\DFLW.EXE"="C:\\Programmer\\NovaLogic\\Delta Force Land Warrior\\DFLW.EXE:*:Enabled:DFLW"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programmer\\MSN Messenger\\msnmsgr.exe"="C:\\Programmer\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.0"
"C:\\Programmer\\MSN Messenger\\msncall.exe"="C:\\Programmer\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip


Checking For Files with Hidden Attributes :

C:\NTDETECT.COM
C:\Programmer\Smart Projects\IsoBuster\Help\AHlp.exe
C:\WINDOWS\system32\cdplayer.exe.manifest
C:\WINDOWS\system32\logonui.exe.manifest
C:\hiberfil.sys
C:\IO.SYS
C:\MSDOS.SYS
C:\pagefile.sys

                                Finished
ejvindh Expert
24 January 2007 - 16:15 #15
That looks sensible. The log is clean.

To finish the job completely:
It can be a good idea to clean up the System Restore files. Disable System Restore (http://www.spywarefri.dk/virusscannere.htm#alle) - restart your computer - enable System Restore.
It can also be a good idea to hide your system files and folders again, so that you do not delete an important file by mistake. You do that in the same place where you set it to show all files; this time you just choose: Do not show hidden files and folders.

It can also be a good idea to clean out your temporary files. This can be done quickly and easily with this file
www.spywareinfo.dk/download/cleantempxp2k.bat
---------------------------

To prevent a recurrence, I would recommend that you install some small programs that stop spyware from getting in in the first place. You will find links and good advice here:
http://www.spywarefri.dk/manualer/sikkerhedspakke.htm

I would also suggest that you read these articles on how you can avoid being infected in the future:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414
http://www.ejvindh.net/viewtopic.php?t=37
hunter-es- Beginner
24 January 2007 - 16:28 #16
Thank you very much for your help...