Old 06-22-2008   #1
Bronze Member
 
Join Date: Jun 2008
Posts: 7
PC Experience: Experienced
Default Virus infection. Search engine and homepages blocked

I'm joining the crowd of people that have been posting recently about a virus attack that results in search engines and certain webpages being blocked from use.

Now I've run a handful of different programs to kill the virus. Kaspersky, AVG, Trend Micro's HouseCall and Ad-Aware have all been brought to bear against this virus, and seemingly it is gone from the system, but its alterations to the browsers remain.

Like I said, I've already seen there's a handful of threads on the same problem already, but it seems that the solution varies from computer to computer, so I'm gonna have to make a thread of my own.

Got a good handful of logs ready:

This is Hijack This's log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:51, on 2008-06-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
C:\Programmer\Cyberlink\Shared Files\brs.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\UPHClean\uphclean.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\AVG\AVG8\avgrsx.exe
C:\Programmer\AVG\AVG8\avgrsx.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\notepad.exe
C:\WINDOWS\notepad.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmer\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [BDRegion] C:\Programmer\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [AVP] "C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [BM47caaa9f] Rundll32.exe "C:\WINDOWS\system32\uiaqfovw.dll",s
O4 - HKLM\..\Run: [44f99903] rundll32.exe "C:\WINDOWS\system32\ykigwgpp.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/da/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG8\avgpp.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe

--
End of file - 8763 bytes


Next, the log from ComboFix:

ComboFix 08-06-20.4 - Christian 2008-06-22 19:54:50.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1030.18.1462 [GMT 2:00]
Running from: C:\Documents and Settings\Christian\skrivebord\cf.exe
Command switches used :: /killall
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM47caaa9f.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\hdbjuact.ini
C:\WINDOWS\system32\hgMSDfhk.ini
C:\WINDOWS\system32\hgMSDfhk.ini2
C:\WINDOWS\system32\khfDSMgh.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\rncamstb.ini
C:\WINDOWS\system32\aawuwpwx.ini

.
((((((((((((((((((((((((( Files Created from 2008-05-22 to 2008-06-22 )))))))))))))))))))))))))))))))
.

2008-06-22 20:11 . 2008-06-22 20:11 22 --a------ C:\WINDOWS\pskt.ini
2008-06-22 20:11 . 2008-06-22 20:11 0 --a------ C:\WINDOWS\BM47caaa9f.xml
2008-06-22 19:14 . 2008-06-22 19:14 <DIR> d-------- C:\Programmer\Trend Micro
2008-06-22 15:53 . 2008-06-22 17:50 <DIR> d--h----- C:\$AVG8.VAULT$
2008-06-22 15:49 . 2008-06-22 15:51 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-22 15:49 . 2008-06-22 15:49 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-22 15:49 . 2008-06-22 15:49 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-22 15:49 . 2008-06-22 15:49 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-06-22 15:48 . 2008-06-22 15:48 <DIR> d-------- C:\Programmer\AVG
2008-06-22 15:48 . 2008-06-22 15:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-22 15:16 . 2008-06-22 15:16 <DIR> d---s---- C:\Documents and Settings\Christian\UserData
2008-06-22 11:24 . 2008-06-22 11:24 99,328 --a------ C:\WINDOWS\system32\ivsjhpho.dll
2008-06-22 11:22 . 2008-06-22 11:22 80,384 --a------ C:\WINDOWS\system32\tcaujbdh.dll
2008-06-22 11:21 . 2008-06-22 11:21 90,624 --a------ C:\WINDOWS\system32\laxtghag.dll
2008-06-21 23:45 . 2008-06-21 23:44 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-06-21 23:44 . 2008-06-21 23:46 <DIR> d-------- C:\Documents and Settings\Christian\.housecall6.6
2008-06-21 10:36 . 2008-06-21 10:36 99,328 --a------ C:\WINDOWS\system32\ldwtlpwk.dll
2008-06-21 10:33 . 2008-06-21 10:33 90,112 --a------ C:\WINDOWS\system32\gkavpyln.dll
2008-06-21 10:21 . 2008-06-21 10:21 24,576 --a------ C:\WINDOWS\system32\fccccBRI.dll
2008-06-20 22:27 . 2008-06-20 22:27 24,576 --a------ C:\WINDOWS\system32\ssqRLBsp.dll
2008-06-20 22:27 . 2008-06-20 22:27 24,576 --a------ C:\WINDOWS\system32\ssqpoPjj.dll
2008-06-20 22:26 . 2008-06-20 22:26 24,576 --a------ C:\WINDOWS\system32\hgGaxuTk.dll
2008-06-20 22:26 . 2008-06-20 22:26 24,576 --a------ C:\WINDOWS\system32\byXQGyyv.dll
2008-06-17 19:40 . 2008-06-17 19:40 <DIR> d-------- C:\Documents and Settings\Art Movies\Practical Light and Color
2008-06-17 14:53 . 2008-06-17 14:53 <DIR> d-------- C:\Programmer\AutoGK
2008-06-17 14:53 . 2008-06-17 14:53 43,698 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2008-06-17 14:42 . 2008-06-17 14:51 <DIR> d-------- C:\Programmer\GordianKnot
2008-06-17 12:34 . 2008-06-17 12:34 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\zweitgeist
2008-06-17 12:30 . 2008-06-17 12:41 <DIR> d-------- C:\Programmer\Xvid
2008-06-17 12:30 . 2008-04-02 22:37 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-06-14 13:38 . 2008-06-14 14:01 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\Hamachi
2008-06-14 13:37 . 2008-06-14 13:38 <DIR> d-------- C:\Programmer\Hamachi
2008-06-14 13:37 . 2008-06-14 13:37 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-06-11 16:06 . 2008-06-11 16:06 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\ArcSoft
2008-06-11 15:54 . 2008-06-14 20:00 272,256 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-08 23:53 . 2008-06-08 23:53 10 --a------ C:\WINDOWS\popcinfo.dat
2008-06-08 17:28 . 2008-06-08 17:28 <DIR> d-------- C:\Programmer\K-Lite Codec Pack
2008-06-08 17:28 . 2008-04-27 10:47 770,048 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-06-08 17:28 . 2006-09-24 17:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-06-08 17:28 . 2004-01-25 18:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-06-08 17:28 . 2008-04-27 11:10 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-06-08 17:28 . 2007-09-21 02:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-06-08 17:28 . 2008-03-28 19:41 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-06-08 17:28 . 2007-07-10 18:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-06-08 17:28 . 2007-10-03 17:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-06-07 14:15 . 2008-06-07 14:15 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\RTPlayer
2008-06-07 13:36 . 2008-06-07 13:36 <DIR> d-------- C:\Programmer\PixiePack Codec Pack
2008-06-07 13:36 . 2008-06-07 14:16 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\Tunebite
2008-06-07 13:36 . 2008-02-20 13:47 27,936 --a------ C:\WINDOWS\system32\drivers\tbhsd.sys
2008-06-07 13:35 . 2008-06-07 13:35 <DIR> d-------- C:\Programmer\RapidSolution
2008-06-07 13:35 . 2008-06-07 14:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\RapidSolution
2008-06-03 21:02 . 2008-06-03 21:02 <DIR> d-------- C:\Documents and Settings\NetworkService\Dokumenter
2008-06-03 19:30 . 2004-08-26 17:53 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-06-03 19:30 . 2001-10-04 17:07 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-06-02 19:10 . 2008-06-02 19:10 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\drms
2008-06-01 17:49 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpD4.tmp
2008-06-01 17:49 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpD3.tmp
2008-06-01 17:49 . 2008-06-01 17:49 444,952 --a------ C:\WINDOWS\system32\wrap_oal.dll
2008-06-01 17:49 . 2008-06-01 17:49 109,080 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-06-01 17:27 . 2008-06-01 17:27 <DIR> d-------- C:\Programmer\Codemasters
2008-05-31 14:43 . 2008-05-31 14:43 194 --a------ C:\WINDOWS\system32\RBDELDRV.BAT
2008-05-31 14:42 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp288.tmp
2008-05-31 13:04 . 2008-04-17 12:06 3,768 --a------ C:\WINDOWS\system32\drivers\CamdVideo32.sys
2008-05-31 01:03 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp2F.tmp
2008-05-31 01:03 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp2E.tmp
2008-05-30 23:46 . 2008-05-30 23:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Codemasters
2008-05-30 23:38 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp16D.tmp
2008-05-30 23:38 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp16C.tmp
2008-05-30 23:33 . 2008-05-30 23:33 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-05-30 23:33 . 2008-05-30 23:33 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_xusb21_01005.Wdf
2008-05-30 21:22 . 2008-05-31 14:27 <DIR> d-------- C:\Programmer\Morgan
2008-05-30 21:22 . 2002-11-18 17:02 40,960 --a------ C:\WINDOWS\system32\MMAVILNG.exe
2008-05-30 21:18 . 2008-05-30 21:18 56 -r-hs---- C:\WINDOWS\system32\DE2A04568E.sys
2008-05-30 21:15 . 2008-06-17 14:53 <DIR> d-------- C:\Programmer\Gabest
2008-05-30 20:53 . 2008-06-17 14:53 <DIR> d-------- C:\Programmer\AviSynth 2.5
2008-05-30 19:22 . 2008-05-30 19:22 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-30 19:22 . 2008-05-30 19:22 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-05-30 19:22 . 2008-05-30 19:22 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-05-30 19:19 . 2008-05-30 19:19 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-05-30 19:19 . 2008-05-30 19:19 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-05-29 21:04 . 2008-05-29 21:04 <DIR> d-------- C:\Programmer\PCPitstop
2008-05-27 22:49 . 2008-02-07 17:10 <DIR> d--h----- C:\ckis
2008-05-25 19:50 . 2008-05-25 19:51 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\GetRightToGo
2008-05-25 19:17 . 2008-05-25 19:32 228 --a------ C:\WINDOWS\PowerReg.dat
2008-05-25 19:15 . 1996-10-15 18:01 298,496 --a------ C:\WINDOWS\uninst.exe
2008-05-24 10:48 . 2008-05-24 10:48 <DIR> d-------- C:\WINDOWS\system32\xlive
2008-05-24 10:03 . 2008-05-30 23:38 <DIR> d-------- C:\Programmer\OpenAL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-22 18:12 31,419,168 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-22 18:11 1,074,720 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-22 18:11 --------- d-----w C:\Documents and Settings\Christian\Application Data\WTablet
2008-06-22 18:01 424,688 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-22 18:01 104,864 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-22 13:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-22 09:28 --------- d-----w C:\Programmer\Kaspersky Lab
2008-06-21 09:01 --------- d-----w C:\Documents and Settings\Christian\Application Data\uTorrent
2008-06-19 15:43 --------- d-----w C:\Programmer\DC++
2008-06-14 18:00 272,256 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 16:44 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-14 16:43 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-11 14:07 --------- d-----w C:\Documents and Settings\Christian\Application Data\Canon
2008-06-10 17:58 --------- d-----w C:\Programmer\THQ
2008-06-08 15:16 --------- d-----w C:\Documents and Settings\Christian\Application Data\DivX
2008-06-08 15:12 --------- d-----w C:\Programmer\DivX
2008-06-07 15:52 --------- d-----w C:\Programmer\Steam
2008-06-01 15:54 --------- d-----w C:\Programmer\SystemRequirementsLab
2008-06-01 15:27 --------- d--h--w C:\Programmer\InstallShield Installation Information
2008-05-31 12:43 --------- d-----w C:\Programmer\Real
2008-05-30 19:18 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-05-29 17:55 88,774 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-05-28 17:16 96,966 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-05-28 17:16 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-05-20 17:31 --------- d-----w C:\Programmer\Fælles filer\Adobe
2008-05-19 20:02 --------- d-----w C:\Documents and Settings\Christian\Application Data\SystemRequirementsLab
2008-05-10 08:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-05-09 17:04 --------- d-----w C:\Programmer\Winamp Remote
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:16 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-05 20:57 --------- d-----w C:\Programmer\EphPod
2008-05-05 20:37 --------- d-----w C:\Programmer\iTunes
2008-05-05 20:37 --------- d-----w C:\Documents and Settings\Christian\Application Data\Apple Computer
2008-05-05 20:36 --------- d-----w C:\Programmer\iPod
2008-05-05 20:36 --------- d-----w C:\Programmer\Fælles filer\Apple
2008-05-05 20:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-30 15:27 442,368 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2008-04-30 05:42 3,532 ----a-w C:\drmHeader.bin
2008-04-21 07:03 660,992 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-08 13:16 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-03-27 22:39 1 ----a-w C:\Documents and Settings\Christian\SI.bin
2008-01-18 15:12 22,328 ----a-w C:\Documents and Settings\Christian\Application Data\PnkBstrK.sys
2008-01-13 01:17 22,328 ----a-w C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys
2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
2008-01-13 23:06 8 --sha-w C:\WINDOWS\system32\315FB34F15.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{27CAA332-9356-4866-A1C7-7D9AA1F2EFF1}]
2008-06-22 20:16 323072 --a------ C:\WINDOWS\system32\yayaWQgE.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{585c38c9-d387-4b4c-959f-84089fdcff4e}]
2008-06-22 11:24 99328 --a------ C:\WINDOWS\system32\ivsjhpho.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F86B11F3-0CE1-475F-9541-5329BF7B3597}]
2008-06-20 22:26 24576 --a------ C:\WINDOWS\system32\hgGaxuTk.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-26 18:53 15360]
"msnmsgr"="C:\Programmer\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"AnyDVD"="C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe" [2008-01-18 22:30 1649600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 05:46 13529088]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00 90112]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 23:32 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 23:32 455168]
"nwiz"="nwiz.exe" [2008-05-03 05:46 1630208 C:\WINDOWS\system32\nwiz.exe]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 23:31 59392]
"LanguageShortcut"="C:\Programmer\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 13:06 62760]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 23:32 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2001-10-09 14:00 44032]
"CTxfiHlp"="CTXFIHLP.EXE" [2005-08-08 00:10 18944 C:\WINDOWS\system32\CTXFIHLP.EXE]
"CTHelper"="CTHELPER.EXE" [2005-08-08 00:10 16384 C:\WINDOWS\CTHELPER.EXE]
"CPU Power Monitor"="C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-04 22:33 626176]
"Cpu Level Up help"="C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 11:32 880640]
"BDRegion"="C:\Programmer\Cyberlink\Shared Files\brs.exe" [2007-11-16 20:20 91432]
"Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 12:19 1426432]
"OpwareSE2"="C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00 49152]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 05:46 86016]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-22 15:48 1177368]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-26 18:53 158720]
"AVP"="C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-06-28 12:51 218376]
"BM47caaa9f"="C:\WINDOWS\system32\uiaqfovw.dll" [2008-06-22 20:19 90624]
"44f99903"="C:\WINDOWS\system32\ykigwgpp.dll" [2008-06-22 20:19 80384]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-26 18:53 15360]

C:\Documents and Settings\Christian\Menuen Start\Programmer\Start\
Adobe Gamma.lnk - C:\Programmer\Fælles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664]

C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Speed Launch.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696]
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{F86B11F3-0CE1-475F-9541-5329BF7B3597}"= C:\WINDOWS\system32\hgGaxuTk.dll [2008-06-20 22:26 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGaxuTk]
hgGaxuTk.dll 2008-06-20 22:26 24576 C:\WINDOWS\system32\hgGaxuTk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\yayaWQgE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\44f99903]
--a------ 2008-06-22 11:22 80384 C:\WINDOWS\system32\tcaujbdh.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM47caaa9f]
--a------ 2008-06-22 11:21 90624 C:\WINDOWS\system32\laxtghag.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tunebite]
C:\Programmer\RapidSolution\Tunebite\Tunebite.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneClone]
C:\Programmer\TuneClone\TuneClone.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"=
"C:\\games\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Programmer\\uTorrent\\uTorrent.exe"=
"C:\\Programmer\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"C:\\Programmer\\DC++\\DCPlusPlus.exe"=
"C:\\Programmer\\Steam\\steamapps\\psunesen@hotmail.com\\sin episodes emergence\\SinEpisodes.exe"=
"C:\\games\\Company of heroes\\RelicCOH.exe"=
"C:\\Programmer\\Steam\\steamapps\\psunesen@hotmail.com\\team fortress 2\\hl2.exe"=
"C:\\Programmer\\Autodesk\\Maya2008\\bin\\maya.exe"=
"C:\\Programmer\\Stardock\\TotalGaming\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\ftp.exe"=
"C:\\Programmer\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe"=
"C:\\Programmer\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"=
"C:\\Programmer\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"=
"C:\\Programmer\\Messenger\\msmsgs.exe"=
"C:\\Programmer\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_online.exe"=
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"C:\\games\\Battlefield 2\\BF2.exe"=
"C:\\Programmer\\iTunes\\iTunes.exe"=
"C:\\Programmer\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Programmer\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Programmer\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\games\\Defcon\\defcon.exe"=
"C:\\Programmer\\Codemasters\\GRID\\GRID.exe"=
"C:\\Programmer\\Mozilla Firefox\\firefox.exe"=
"C:\\Programmer\\THQ\\Company of Heroes - Balance Playtest\\RelicCOH.exe"=
"E:\\Tegnemappe\\opencanvas.exe"=
"C:\\Programmer\\AVG\\AVG8\\avgupd.exe"=
"C:\\Programmer\\AVG\\AVG8\\avgemc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows peer-til-peer-gruppering
"3540:UDP"= 3540:UDP:PNRP (Peer Name Resolution Protocol)
"88:UDP"= 88:UDP:Xbox 360
"3074:UDP"= 3074:UDP:Xbox 360
"3074:TCP"= 3074:TCP:Xbox 360
"10280:TCP"= 10280:TCP:Xbox 360
"10281:TCP"= 10281:TCP:Xbox 360
"10282:TCP"= 10282:TCP:Xbox 360
"10283:TCP"= 10283:TCP:Xbox 360

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-06-22 15:49]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Programmer\CyberLink\PowerDVD\000.fcl [2007-11-03 01:12]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-06-22 15:48]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-22 15:48]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-22 15:49]
R2 TabletServiceWacom;TabletServiceWacom;C:\WINDOWS\system32\Wacom_Tablet.exe [2007-09-07 12:40]
R3 CamdVideo32;CamdVideo32;C:\WINDOWS\system32\DRIVERS\CamdVideo32.sys [2008-04-17 12:06]
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2005-08-07 23:54]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]
R3 wacommousefilter;Wacom Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12:12]
R3 wacomvhid;Wacom Virtual Hid Driver;C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 11:30]
R3 WacomVKHid;Virtual Keyboard Driver;C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 17:11]
S0 tclondrv;tclondrv;C:\WINDOWS\system32\DRIVERS\tclondrv.sys []
S3 CamdDriverV32;CamdDriverV32;C:\WINDOWS\system32\drivers\CamdDriverV32.sys []
S3 p2pgasvc;Gruppegodkendelse på peer-netværk;C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]
S3 p2pimsvc;Identitetsstyring for peer-netværk;C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]
S3 p2psvc;Peer-netværk;C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]
S3 PNRPSvc;PNRP (Peer Name Resolution Protocol);C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}]
C:\Programmer\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-06-05 12:39:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
"2008-06-22 17:30:00 C:\WINDOWS\Tasks\Søg efter opdateringer til Windows Live Toolbar.job"


Cruiser is offline   Reply With Quote
Old 06-22-2008   #2
Bronze Member
 
Join Date: Jun 2008
Posts: 7
PC Experience: Experienced
Default Re: Virus infection. Search engine and homepages blocked

In continuation:

This is the log from Deckard's System Scanner:

Deckard's System Scanner v20071014.68
Run by Christian on 2008-06-22 20:47:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

System Restore is disabled; attempting to re-enable...success.


-- Last 1 Restore Point(s) --
1: 2008-06-22 18:47:25 UTC - RP261 - Systemkontrolpunkt


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Christian.exe) -------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:48, on 2008-06-22
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
C:\Programmer\Cyberlink\Shared Files\brs.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\UPHClean\uphclean.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\AVG\AVG8\avgrsx.exe
C:\Programmer\AVG\AVG8\avgrsx.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Christian\Skrivebord\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Christian.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {27CAA332-9356-4866-A1C7-7D9AA1F2EFF1} - C:\WINDOWS\system32\yayaWQgE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: {a14d3e49-39ac-ebd9-82b4-b7e80b98ae49} - {94ea89b0-8e7b-4b28-9dbe-ca9394e3d41a} - C:\WINDOWS\system32\mtjkcmlm.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {F86B11F3-0CE1-475F-9541-5329BF7B3597} - C:\WINDOWS\system32\hgGaxuTk.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmer\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [BDRegion] C:\Programmer\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [AVP] "C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [BM47caaa9f] Rundll32.exe "C:\WINDOWS\system32\uiaqfovw.dll",s
O4 - HKLM\..\Run: [44f99903] rundll32.exe "C:\WINDOWS\system32\ykigwgpp.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/da/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG8\avgpp.dll
O20 - Winlogon Notify: hgGaxuTk - C:\WINDOWS\SYSTEM32\hgGaxuTk.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe

--
End of file - 9561 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 NetworkX - c:\windows\system32\ckldrv.sys
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R2 Haspnt - c:\windows\system32\drivers\haspnt.sys <Not Verified; Aladdin Knowledge Systems; Windows NT HASP Kernel Device Driver>
R3 CamdVideo32 - c:\windows\system32\drivers\camdvideo32.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>

S0 tclondrv - c:\windows\system32\drivers\tclondrv.sys (file missing)
S2 DS1410D - c:\windows\system32\drivers\ds1410d.sys (file missing)
S3 ADIHdAudAddService (ADI UAA Function Driver for High Definition Audio Service) - c:\windows\system32\drivers\adihdaud.sys (file missing)
S3 AEAudio (AE Audio Service) - c:\windows\system32\drivers\aeaudio.sys (file missing)
S3 CamdDriverV32 - c:\windows\system32\drivers\camddriverv32.sys (file missing)
S3 catchme - c:\cf\catchme.sys (file missing)
S3 SenFiltService (SenFilt Service) - c:\windows\system32\drivers\senfilt.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "c:\programmer\fælles filer\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service (##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##) - c:\programmer\bonjour\mdnsresponder.exe <Not Verified; Apple Computer, Inc.; Bonjour>
R2 Crypkey License - crypserv.exe <Not Verified; CrypKey (Canada) Ltd.; CrypKey Software Licensing System>
R2 UPHClean (User Profile Hive Cleanup) - c:\programmer\uphclean\uphclean.exe <Not Verified; Microsoft Corporation; User Profile Hive Cleanup Service>

S2 ProtexisLicensing - c:\windows\system32\psiservice.exe <Not Verified; ; PSIService>
S3 FLEXnet Licensing Service - "c:\programmer\fælles filer\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller
Device ID: PCI\VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12\4&625283&0&00E5
Manufacturer: Marvell
Name: Marvell Yukon 88E8056 PCI-E Gigabit Ethernet Controller #2
PNP Device ID: PCI\VEN_11AB&DEV_4364&SUBSYS_81F81043&REV_12\4&625283&0&00E5
Service: yukonwxp

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394-netværkskort
Device ID: V1394\NIC1394\16B031E8C00
Manufacturer: Microsoft
Name: 1394-netværkskort
PNP Device ID: V1394\NIC1394\16B031E8C00
Service: NIC1394

Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318}
Description: Standard 101/102-tastatur eller Microsoft Natural PS/2 Keyboard
Device ID: ACPI\PNP0303\4&B6AFFD&0
Manufacturer: (Standardtastaturer)
Name: Standard 101/102-tastatur eller Microsoft Natural PS/2 Keyboard
PNP Device ID: ACPI\PNP0303\4&B6AFFD&0
Service: i8042prt


-- Scheduled Tasks -------------------------------------------------------------

2008-06-22 20:30:00 264 --a------ C:\WINDOWS\Tasks\Søg efter opdateringer til Windows Live Toolbar.job
2008-06-05 14:39:01 278 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-05-22 and 2008-06-22 -----------------------------

2008-06-22 20:22:17 99328 --a------ C:\WINDOWS\system32\mtjkcmlm.dll
2008-06-22 20:19:19 80384 --a------ C:\WINDOWS\system32\ykigwgpp.dll
2008-06-22 20:19:05 90624 --a------ C:\WINDOWS\system32\uiaqfovw.dll
2008-06-22 20:16:15 531442 --ahs---- C:\WINDOWS\system32\EgQWayay.ini2
2008-06-22 20:16:04 323072 --a------ C:\WINDOWS\system32\yayaWQgE.dll
2008-06-22 19:58:59 53248 --a------ C:\WINDOWS\PSEXESVC.EXE <Not Verified; Sysinternals; Sysinternals PsExec>
2008-06-22 19:53:38 68096 --a------ C:\WINDOWS\zip.exe
2008-06-22 19:53:38 49152 --a------ C:\WINDOWS\VFind.exe
2008-06-22 19:53:38 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-22 19:53:38 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-22 19:53:38 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-22 19:53:38 98816 --a------ C:\WINDOWS\sed.exe
2008-06-22 19:53:38 80412 --a------ C:\WINDOWS\grep.exe
2008-06-22 19:53:38 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-22 19:53:33 0 d-------- C:\CF
2008-06-22 19:14:10 0 d-------- C:\Programmer\Trend Micro
2008-06-22 15:53:58 0 d--h----- C:\$AVG8.VAULT$
2008-06-22 15:49:04 0 d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-22 15:48:53 0 d-------- C:\Programmer\AVG
2008-06-22 15:48:52 0 d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-22 15:16:27 0 d---s---- C:\Documents and Settings\Christian\UserData
2008-06-22 11:24:37 99328 --a------ C:\WINDOWS\system32\ivsjhpho.dll
2008-06-22 11:22:03 80384 --a------ C:\WINDOWS\system32\tcaujbdh.dll
2008-06-22 11:21:56 90624 --a------ C:\WINDOWS\system32\laxtghag.dll
2008-06-21 23:44:37 0 d-------- C:\Documents and Settings\Christian\.housecall6.6
2008-06-21 10:36:35 99328 --a------ C:\WINDOWS\system32\ldwtlpwk.dll
2008-06-21 10:33:34 90112 --a------ C:\WINDOWS\system32\gkavpyln.dll
2008-06-21 10:21:39 24576 --a------ C:\WINDOWS\system32\fccccBRI.dll
2008-06-20 22:27:31 24576 --a------ C:\WINDOWS\system32\ssqpoPjj.dll
2008-06-20 22:27:21 24576 --a------ C:\WINDOWS\system32\ssqRLBsp.dll
2008-06-20 22:26:59 24576 --a------ C:\WINDOWS\system32\byXQGyyv.dll
2008-06-20 22:26:37 24576 --a------ C:\WINDOWS\system32\hgGaxuTk.dll
2008-06-17 14:53:37 43698 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2008-06-17 14:53:11 0 d-------- C:\Programmer\AutoGK
2008-06-17 14:42:07 0 d-------- C:\Programmer\GordianKnot
2008-06-17 12:34:21 0 d-------- C:\Documents and Settings\Christian\Application Data\zweitgeist
2008-06-17 12:30:39 0 d-------- C:\Programmer\Xvid
2008-06-14 13:38:16 0 d-------- C:\Documents and Settings\Christian\Application Data\Hamachi
2008-06-14 13:37:56 0 d-------- C:\Programmer\Hamachi
2008-06-11 16:06:26 0 d-------- C:\Documents and Settings\Christian\Application Data\ArcSoft
2008-06-08 23:53:30 10 --a------ C:\WINDOWS\popcinfo.dat
2008-06-08 17:28:41 217088 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2008-06-08 17:28:41 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-06-08 17:28:41 770048 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-06-08 17:28:40 7680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-06-08 17:28:39 0 d-------- C:\Programmer\K-Lite Codec Pack
2008-06-07 14:15:35 0 d-------- C:\Documents and Settings\Christian\Application Data\RTPlayer
2008-06-07 13:36:35 0 d-------- C:\Programmer\PixiePack Codec Pack
2008-06-07 13:36:15 0 d-------- C:\Documents and Settings\Christian\Application Data\Tunebite
2008-06-07 13:35:36 0 d-------- C:\Programmer\RapidSolution
2008-06-07 13:35:36 0 d-------- C:\Documents and Settings\All Users\Application Data\RapidSolution
2008-06-03 21:02:54 0 d-------- C:\Documents and Settings\NetworkService\Dokumenter
2008-06-02 19:10:59 0 d-------- C:\Documents and Settings\Christian\Application Data\drms
2008-06-02 19:10:24 0 d-------- C:\Documents and Settings\Christian\My Documents
2008-06-01 18:00:27 0 d-------- C:\WINDOWS\nvidia icons
2008-06-01 17:27:15 0 d-------- C:\Programmer\Codemasters
2008-05-31 14:43:09 194 --a------ C:\WINDOWS\system32\RBDELDRV.BAT
2008-05-31 13:04:34 3768 --a------ C:\WINDOWS\system32\drivers\CamdVideo32.sys <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
2008-05-30 23:46:08 0 d-------- C:\Documents and Settings\All Users\Application Data\Codemasters
2008-05-30 21:22:38 40960 --a------ C:\WINDOWS\system32\MMAVILNG.exe
2008-05-30 21:22:38 0 d-------- C:\Programmer\Morgan
2008-05-30 21:18:39 56 -r-hs---- C:\WINDOWS\system32\DE2A04568E.sys
2008-05-30 21:15:44 0 d-------- C:\Programmer\Gabest
2008-05-30 20:53:33 0 d-------- C:\Programmer\AviSynth 2.5
2008-05-30 19:22:22 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-30 19:18:56 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2008-05-30 19:18:56 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2008-05-30 19:18:50 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:18:48 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2008-05-30 19:18:48 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:18:48 815104 --a------ C:\WINDOWS\system32\divx_xx0a.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:18:48 683520 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2008-05-30 19:18:00 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2008-05-29 21:04:11 0 d-------- C:\Programmer\PCPitstop
2008-05-27 22:49:11 0 d--h----- C:\ckis
2008-05-25 19:50:59 0 d-------- C:\Documents and Settings\Christian\Application Data\GetRightToGo
2008-05-25 19:17:08 228 --a------ C:\WINDOWS\PowerReg.dat
2008-05-25 19:15:24 298496 --a------ C:\WINDOWS\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2008-05-24 10:48:19 0 d-------- C:\WINDOWS\system32\xlive
2008-05-24 10:03:14 0 d-------- C:\Programmer\OpenAL


-- Find3M Report ---------------------------------------------------------------

2008-06-22 20:11:33 0 d-------- C:\Documents and Settings\Christian\Application Data\WTablet
2008-06-22 11:28:22 0 d-------- C:\Programmer\Kaspersky Lab
2008-06-21 11:01:52 0 d-------- C:\Documents and Settings\Christian\Application Data\uTorrent
2008-06-19 17:43:29 0 d-------- C:\Programmer\DC++
2008-06-18 07:28:11 0 d-------- C:\Documents and Settings\Christian\Application Data\Mozilla
2008-06-17 14:56:49 609 --a------ C:\Documents and Settings\Christian\Application Data\AutoGK.ini
2008-06-11 16:07:40 0 d-------- C:\Documents and Settings\Christian\Application Data\Canon
2008-06-10 19:58:52 0 d-------- C:\Programmer\THQ
2008-06-08 17:16:48 0 d-------- C:\Documents and Settings\Christian\Application Data\DivX
2008-06-08 17:12:27 0 d-------- C:\Programmer\DivX
2008-06-07 17:52:09 0 d-------- C:\Programmer\Steam
2008-06-01 17:54:09 0 d-------- C:\Programmer\SystemRequirementsLab
2008-06-01 17:27:14 0 d--h----- C:\Programmer\InstallShield Installation Information
2008-05-31 14:43:05 0 d-------- C:\Programmer\Real
2008-05-30 21:18:39 1682 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-05-20 21:28:38 0 d-------- C:\Documents and Settings\Christian\Application Data\Adobe
2008-05-20 19:31:47 0 d-------- C:\Programmer\Fælles filer\Adobe
2008-05-19 22:02:11 0 d-------- C:\Documents and Settings\Christian\Application Data\SystemRequirementsLab
2008-05-09 19:04:08 0 d-------- C:\Programmer\Winamp Remote
2008-05-05 22:57:48 0 d-------- C:\Programmer\EphPod
2008-05-05 22:37:10 0 d-------- C:\Documents and Settings\Christian\Application Data\Apple Computer
2008-05-05 22:37:04 0 d-------- C:\Programmer\iTunes
2008-05-05 22:36:55 0 d-------- C:\Programmer\iPod
2008-05-05 22:36:30 0 d-------- C:\Programmer\Fælles filer
2008-05-05 22:36:30 0 d-------- C:\Programmer\Fælles filer\Apple
2008-05-03 05:46:00 1630208 --a------ C:\WINDOWS\system32\nwiz.exe
2008-05-03 05:46:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-05-03 05:46:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-05-03 05:46:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-05-03 05:46:00 1486848 --a------ C:\WINDOWS\system32\nview.dll
2008-05-03 05:46:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-05-03 05:46:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-05-03 05:46:00 425984 --a------ C:\WINDOWS\system32\keystone.exe
2008-04-30 07:42:39 3532 --a------ C:\drmHeader.bin
2008-04-12 03:02:08 421306 --a------ C:\WINDOWS\system32\perfh006.dat
2008-04-12 03:02:08 75032 --a------ C:\WINDOWS\system32\perfc006.dat


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{27CAA332-9356-4866-A1C7-7D9AA1F2EFF1}]
2008-06-22 20:16 323072 --a------ C:\WINDOWS\system32\yayaWQgE.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{94ea89b0-8e7b-4b28-9dbe-ca9394e3d41a}]
2008-06-22 20:22 99328 --a------ C:\WINDOWS\system32\mtjkcmlm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F86B11F3-0CE1-475F-9541-5329BF7B3597}]
2008-06-20 22:26 24576 --a------ C:\WINDOWS\system32\hgGaxuTk.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 05:46]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 23:32]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-03 23:32]
"nwiz"="nwiz.exe" [2008-05-03 05:46 C:\WINDOWS\system32\nwiz.exe]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 23:31]
"LanguageShortcut"="C:\Programmer\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 13:06]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-03 23:32]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2001-10-09 14:00]
"CTxfiHlp"="CTXFIHLP.EXE" [2005-08-08 00:10 C:\WINDOWS\system32\CTXFIHLP.EXE]
"CTHelper"="CTHELPER.EXE" [2005-08-08 00:10 C:\WINDOWS\CTHELPER.EXE]
"CPU Power Monitor"="C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-04 22:33]
"Cpu Level Up help"="C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 11:32]
"BDRegion"="C:\Programmer\Cyberlink\Shared Files\brs.exe" [2007-11-16 20:20]
"Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 12:19]
"OpwareSE2"="C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 05:46]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-22 15:48]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-26 18:53]
"AVP"="C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-06-28 12:51]
"BM47caaa9f"="C:\WINDOWS\system32\uiaqfovw.dll" [2008-06-22 20:19]
"44f99903"="C:\WINDOWS\system32\ykigwgpp.dll" [2008-06-22 20:19]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-26 18:53]
"msnmsgr"="C:\Programmer\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34]
"AnyDVD"="C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe" [2008-01-18 22:30]

C:\Documents and Settings\Christian\Menuen Start\Programmer\Start\
Adobe Gamma.lnk - C:\Programmer\Fælles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50]

C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Speed Launch.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06]
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{F86B11F3-0CE1-475F-9541-5329BF7B3597}"= C:\WINDOWS\system32\hgGaxuTk.dll [2008-06-20 22:26 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGaxuTk]
hgGaxuTk.dll 2008-06-20 22:26 24576 C:\WINDOWS\system32\hgGaxuTk.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\yayaWQgE

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\44f99903]
rundll32.exe "C:\WINDOWS\system32\tcaujbdh.dll",b

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BM47caaa9f]
Rundll32.exe "C:\WINDOWS\system32\laxtghag.dll",s

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tunebite]
C:\Programmer\RapidSolution\Tunebite\Tunebite.exe -tray

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TuneClone]
C:\Programmer\TuneClone\TuneClone.exe /silence

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}]
C:\Programmer\PixiePack Codec Pack\InstallerHelper.exe



-- End of Deckard's System Scanner: finished at 2008-06-22 20:49:50 ------------


Cruiser is offline   Reply With Quote
Old 06-22-2008   #3
Bronze Member
 
Join Date: Jun 2008
Posts: 7
PC Experience: Experienced
Default Re: Virus infection. Search engine and homepages blocked

And finally Deckard's Extra log:

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: Other (0406) - see TinyURL.com - shorten that long URL into a Tiny URL

CPU 0: Intel(R) Core(TM)2 Duo CPU E6850 @ 3.00GHz
CPU 1: Intel(R) Core(TM)2 Duo CPU E6850 @ 3.00GHz
Percentage of Memory in Use: 34%
Physical Memory (total/avail): 2047.04 MiB / 1347.06 MiB
Pagefile Memory (total/avail): 3939.23 MiB / 3328.04 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1932.44 MiB

A: is Removable (No Media)
C: is Fixed (NTFS) - 127.99 GiB total, 25.28 GiB free.
D: is CDROM (No Media)
E: is Fixed (NTFS) - 337.77 GiB total, 123.32 GiB free.
G: is CDROM (No Media)

\\.\PHYSICALDRIVE0 - SAMSUNG HD501LJ - 465.76 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 127.99 GiB - C:
\PARTITION1 - Udvidet m. udvidet Int 13 - 337.77 GiB - E:



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FW: Kaspersky Internet Security v7.0.0.125 (Kaspersky Lab)
AV: AVG Anti-Virus Free v8.0 (AVG Technologies)
AV: Kaspersky Internet Security v7.0.0.125 (Kaspersky Lab) Disabled

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"="C:\\Programmer\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"="C:\\Programmer\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\games\\Unreal Tournament 3\\Binaries\\UT3.exe"="C:\\games\\Unreal Tournament 3\\Binaries\\UT3.exe:*:Enabled:Unreal Tournament 3"
"C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\\Programmer\\uTorrent\\uTorrent.exe"="C:\\Programmer\\uTorrent\\uTorrent.exe:*:Enabled:µTorrent"
"C:\\Programmer\\CyberLink\\PowerDVD\\PowerDVD.exe"="C:\\Programmer\\CyberLink\\PowerDVD\\PowerDVD.exe:*:Enabled:CyberLink PowerDVD"
"C:\\Programmer\\DC++\\DCPlusPlus.exe"="C:\\Programmer\\DC++\\DCPlusPlus.exe:*:Enabled:DC++"
"C:\\Programmer\\Steam\\steamapps\\psunesen@hotmail.com\\sin episodes emergence\\SinEpisodes.exe"="C:\\Programmer\\Steam\\steamapps\\psunesen@hotmail.com\\sin episodes emergence\\SinEpisodes.exe:*:Enabled:SinEpisodes"
"C:\\games\\Company of heroes\\RelicCOH.exe"="C:\\games\\Company of heroes\\RelicCOH.exe:*:Enabled:Company of Heroes - Opposing Fronts"
"C:\\Programmer\\Steam\\steamapps\\psunesen@hotmail.com\\team fortress 2\\hl2.exe"="C:\\Programmer\\Steam\\steamapps\\psunesen@hotmail.com\\team fortress 2\\hl2.exe:*:Enabled:hl2"
"C:\\Programmer\\Autodesk\\Maya2008\\bin\\maya.exe"="C:\\Programmer\\Autodesk\\Maya2008\\bin\\maya.exe:*:Enabled:Maya"
"C:\\Programmer\\Stardock\\TotalGaming\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"="C:\\Programmer\\Stardock\\TotalGaming\\Sins of a Solar Empire\\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\WINDOWS\\system32\\ftp.exe"="C:\\WINDOWS\\system32\\ftp.exe:*:Enabled:FTP (filoverførselsprogram)"
"C:\\Programmer\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe"="C:\\Programmer\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe:*:Enabled:FTP Transfer Engine"
"C:\\Programmer\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"="C:\\Programmer\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe:*:Enabled:Supreme Commander"
"C:\\Programmer\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"="C:\\Programmer\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\\Programmer\\Messenger\\msmsgs.exe"="C:\\Programmer\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Programmer\\Bonjour\\mDNSResponder.exe"="C:\\Programmer\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic.exe"="C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic.exe:*:Enabled:World in Conflict"
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_online.exe"="C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_online.exe:*:Enabled:World in Conflict - Online Only"
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"="C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_ds.exe:*:Enabled:World in Conflict - Dedicated Server"
"C:\\games\\Battlefield 2\\BF2.exe"="C:\\games\\Battlefield 2\\BF2.exe:*:Enabled:Battlefield 2"
"C:\\Programmer\\iTunes\\iTunes.exe"="C:\\Programm er\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Programmer\\Winamp Remote\\bin\\Orb.exe"="C:\\Programmer\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Programmer\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Programmer\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Programmer\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Programme r\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\\games\\Defcon\\defcon.exe"="C:\\games\\Defcon \\defcon.exe:*:Enabledefcon"
"C:\\Programmer\\Codemasters\\GRID\\GRID.exe"="C:\ \Programmer\\Codemasters\\GRID\\GRID.exe:*:Enabled :GRID"
"C:\\Programmer\\Mozilla Firefox\\firefox.exe"="C:\\Programmer\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Programmer\\THQ\\Company of Heroes - Balance Playtest\\RelicCOH.exe"="C:\\Programmer\\THQ\\Comp any of Heroes - Balance Playtest\\RelicCOH.exe:*:Enabled:Company of Heroes - Balance Playtest"
"E:\\Tegnemappe\\opencanvas.exe"="E:\\Tegnemappe\\ opencanvas.exe:*:Enabled:opencanvas"
"C:\\Programmer\\AVG\\AVG8\\avgupd.exe"="C:\\Progr ammer\\AVG\\AVG8\\avgupd.exe:*:Enabled:avgupd.exe"
"C:\\Programmer\\AVG\\AVG8\\avgemc.exe"="C:\\Progr ammer\\AVG\\AVG8\\avgemc.exe:*:Enabled:avgemc.exe"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Christian\Application Data
CLASSPATH=.;C:\Programmer\Java\jre1.6.0_05\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Programmer\Fælles filer
COMPUTERNAME=BLOW-2BGD6TBR1N
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Christian
LOGONSERVER=\\BLOW-2BGD6TBR1N
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;C:\Programmer\Autodesk\Maya2008\bin;C:\Programmer\QuickTime\QTSystem;C:\Programmer\Fælles filer\Adobe\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 11, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0b
ProgramFiles=C:\Programmer
PROMPT=$P$G
QTJAVA=C:\Programmer\Java\jre1.6.0_05\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\CHRIST~1\LOKALE~1\Temp
TMP=C:\DOCUME~1\CHRIST~1\LOKALE~1\Temp
USERDOMAIN=BLOW-2BGD6TBR1N
USERNAME=Christian
USERPROFILE=C:\Documents and Settings\Christian
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Christian (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "C:\Programmer\Creative\Sound Blaster X-Fi\Program\SETUP.EXE" /S /U /W
--> C:\Programmer\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\Programmer\Fælles filer\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> MsiExec /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{0E5AA361-4B16-4282-B639-9E5B2B6A2EC8}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{32903944-19A2-418C-901D-4BBAF4C55ABA}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{4D8AA0B4-E890-4BF7-A9D1-8E63027E76D3}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{6BF90A01-FA3F-42B9-A071-7D744409967E}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{B8DA9EB2-DBEF-4F0A-B90A-45B77D9E65B2}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{CB99E420-8071-48F9-9567-4A53BE7569C4}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware 2007 --> MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Bridge 1.0 --> MsiExec.exe /I{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Premiere Pro 2.0 --> msiexec /I {FA17A726-B229-4116-B793-A2AB1A4EAE2E}
Adobe Premiere Pro CS3 --> C:\Programmer\Fælles filer\Adobe\Installers\32fdd767b4383606e8168e834af5d90\Setup.exe
Adobe Premiere Pro CS3 Functional Content --> MsiExec.exe /I{50F102CA-4BE2-41A9-9810-5BB05EB91B9A}
Adobe Premiere Pro CS3 Third Party Content --> MsiExec.exe /I{485ACF57-F364-440A-8496-E1E81C8FA1AA}
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Adobe Setup --> MsiExec.exe /I{BB81360F-041C-4CF7-B15E-71380D154244}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}
Adobe Type Support --> MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
AGEIA PhysX v7.09.13 --> MsiExec.exe /X{45235788-142C-44BE-8A4D-DDE9A84492E5}
AI Suite --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{310BC5E2-31AF-49BB-904D-E71EB93645DC}\Setup.exe" -l0x9
AnyDVD --> "C:\Programmer\SlySoft\AnyDVD\AnyDVD-uninst.exe" /D="C:\Programmer\SlySoft\AnyDVD"
Apple Mobile Device Support --> MsiExec.exe /I{44734179-8A79-4DEE-BB08-73037F065543}
Apple Software Update --> MsiExec.exe /I{B74F042E-E1B9-4A5B-8D46-387BB172F0A4}
ArcSoft PhotoStudio 5.5 --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{D2261C4B-4D9B-4149-8472-31B7A2FEAB91}\setup.exe" -l0x9
µTorrent --> "C:\Programmer\uTorrent\uTorrent.exe" /UNINSTALL
Audiosurf --> "C:\Programmer\Steam\steam.exe" steam://uninstall/12900
Auto Gordian Knot 2.45 --> C:\Programmer\AutoGK\uninst.exe
Autodesk DirectConnect 2.0 --> MsiExec.exe /I{C033BF6E-9D82-4E0B-A46E-ABC746D6F431}
AVG Free 8.0 --> C:\Programmer\AVG\AVG8\setup.exe /UNINSTALL
AviSynth 2.5 --> "C:\Programmer\AviSynth 2.5\Uninstall.exe"
Battlefield 2(TM) --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
Camtasia Studio 5 --> MsiExec.exe /I{784E6B0F-00EC-4950-95A2-BBA64F44EC48}
Canon CanoScan Toolbox 4.8 --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{444B6A7B-0E26-4416-A43F-D1C9AAE6075D}\setup.exe" -l0x9 anything
Company of Heroes --> "C:\games\Company of heroes\Uninstall_English.exe"
Company of Heroes - Balance Playtest --> "C:\Programmer\THQ\Company of Heroes - Balance Playtest\Uninstall_English.exe"
Company of Heroes - FAKEMSI --> MsiExec.exe /I{14574B7F-75D1-4718-B7F2-EBF6E2862A35}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{199E6632-EB28-4F73-AECB-3E192EB92D18}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{25724802-CC14-4B90-9F3B-3D6955EE27B1}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{32C4A4EB-C97D-414E-99C5-38F8DFD31D5D}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{50193078-F553-4EBA-AA77-64C9FAA12F98}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{51D718D1-DA81-4FAD-919F-5C1CE3C33379}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{66F78C51-D108-4F0C-A93C-1CBE74CE338F}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{7F4B1592-222F-4E5F-A100-E5AFD61A0BB3}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{80D03817-7943-4839-8E96-B9F924C5E67D}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{97E5205F-EA4F-438F-B211-F1846419F1C1}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{99A7722D-9ACB-43F3-A222-ABC7133F159E}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{BA801B94-C28D-46EE-B806-E1E021A3D519}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{D4D244D1-05E0-4D24-86A2-B2433C435671}
Company of Heroes - FAKEMSI --> MsiExec.exe /I{EAF636A9-F664-4703-A659-85A894DA264F}
Corel Painter IX --> MsiExec.exe /I{A0383B7D-81A2-49D3-BE06-C0FD9EFB9DFC}
Corel Painter X --> C:\Programmer\Corel\Corel Painter X\MSILauncher {05D60953-9012-44DF-A1A6-9DD97AD6580A} C:\DOCUME~1\CHRIST~1\LOKALE~1\Temp\PainterX.log
Corel Painter X --> MsiExec.exe /I{05D60953-9012-44DF-A1A6-9DD97AD6580A}
Creative System Information --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
CryEngine(R)2 Sandbox(TM)2 --> MsiExec.exe /I{7E4B7FD9-4ECE-4298-A910-3160B7918059}
CuteFTP 8 Professional --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{91F34319-08DE-457A-99C0-0BCDFAC145B9}\Setup.exe" -l0x9
DC++ 0.706 --> "C:\Programmer\DC++\uninstall.exe"
DivX Codec --> C:\Programmer\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter --> C:\Programmer\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Programmer\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Programmer\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Easy Video Converter 7.2.26 --> "C:\Programmer\Easy Video Converter\unins000.exe"
EphPod --> C:\PROGRA~1\EphPod\UNWISE.EXE C:\PROGRA~1\EphPod\INSTALL.LOG
FILE RECOVERY for Windows --> C:\Programmer\FILE RECOVERY for Windows\Uninstall.exe
Fraps (remove only) --> "C:\programmer\Fraps\uninstall.exe"
Fremhævelsesvisning (Windows Live Toolbar) --> MsiExec.exe /X{F7ADEBA1-5621-4ED0-80F8-4386D844974C}
GPGNet --> MsiExec.exe /I{C194D333-B84A-4BB7-B35E-060732D98DC4}
GRID --> "C:\Programmer\InstallShield Installation Information\{5A0B7BA5-4682-4273-81C2-69B17E649103}\setup.exe" -runfromtemp -l0x0009 -removeonly
Half-Life 2: Episode One --> "C:\Programmer\Steam\steam.exe" steam://uninstall/380
Half-Life 2: Episode Two --> "C:\Programmer\Steam\steam.exe" steam://uninstall/420
Hamachi 1.0.2.5 --> C:\Programmer\Hamachi\uninstall.exe
High Definition Audio Driver Package - KB888111 --> C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe
HijackThis 2.0.2 --> "C:\Programmer\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
hp deskjet 3320 series --> rundll32 hpzcon07.dll,VendorJettison hp deskjet 3320 series
hp deskjet 3320 series (Remove only) --> C:\Programmer\hp deskjet 3320 series\hpfiui.exe -c -vdivid=HPF -vpnum=95 -vinstport=USB001 -vproduct=3320 -huninstall
iTunes --> MsiExec.exe /I{585776BC-4BD6-4BD2-A19A-1D6CB44A403B}
Java(TM) 6 Update 3 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Codec Pack 3.9.5 (Full) --> "C:\Programmer\K-Lite Codec Pack\unins000.exe"
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Kaspersky Internet Security 7.0 --> MsiExec.exe /I{C774410D-3EF9-4DE7-AC01-332613163ECF}
Manual CanoScan 8400F --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{50CD421F-CAFD-46C4-BEFD-E1C46FE63062}\setup.exe" -l0x9
Marvell Miniport Driver --> MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Maya 2008 --> MsiExec.exe /I{DA864DC0-0BF2-454B-A6A9-08A45EB97D3B}
Maya 2008 Documentation (en_US) --> MsiExec.exe /I{6C70ACE2-6EF2-4F8D-8C4A-78198AA979DD}
MechCommander Desperate Measures --> C:\WINDOWS\uninst.exe -fC:\games\MCX\DeIsL1.isu
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Games for Windows - LIVE Redistributable --> MsiExec.exe /X{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 --> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office 2000 Standard --> MsiExec.exe /I{00020409-78E1-11D2-B60F-006097C998E7}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0) --> C:\Programmer\Mozilla Firefox\uninstall\helper.exe
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
OmniPage SE 2.0 --> MsiExec.exe /I{79D5997E-BF79-48BB-8B41-9BE59C15C2D7}
Opdatering til Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB942840) --> "C:\WINDOWS\$NtUninstallKB942840$\spuninst\spuninst.exe"
Opdatering til Windows XP (KB946627) --> "C:\WINDOWS\$NtUninstallKB946627$\spuninst\spuninst.exe"
OpenAL --> "C:\Programmer\OpenAL\OalinstGridRelease.exe" /U
PC Pitstop Driver Alert 1.0 --> "C:\Programmer\PCPitstop\Driver Alert\unins000.exe"
PDF Settings --> MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
PhotoNow! 1.0 --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{D36DD326-7280-11D8-97C8-000129760CBE}\Setup.exe" -uninstall
PixiePack Codec Pack --> MsiExec.exe /I{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}
Portal --> "C:\Programmer\Steam\steam.exe" steam://uninstall/400
PowerDirector --> "C:\Programmer\InstallShield Installation Information\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}\Setup.exe" -l0x000409 /z-uninstall
PowerDVD Ultra --> "C:\Programmer\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\setup.exe" -l0x000409 /z-uninstall
PowerISO --> "C:\Programmer\PowerISO\uninstall.exe"
PunkBuster Services --> C:\WINDOWS\system32\pbsvc.exe -u
QuickTime --> MsiExec.exe /I{1838C5A2-AB32-4145-85C1-BB9B8DFA24CD}
RealPlayer --> C:\Programmer\Fælles filer\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Sikkerhedsopdatering til Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB921503) --> "C:\WINDOWS\$NtUninstallKB921503$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB923789) --> C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Sikkerhedsopdatering til Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB937894) --> "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB938829) --> "C:\WINDOWS\$NtUninstallKB938829$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB942615) --> "C:\WINDOWS\$NtUninstallKB942615$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB944338) --> "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB944533) --> "C:\WINDOWS\$NtUninstallKB944533$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB947864) --> "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB950749) --> "C:\WINDOWS\$NtUninstallKB950749$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB950759) --> "C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB950760) --> "C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB950762) --> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB951376-v2) --> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB951376) --> "C:\WINDOWS\$NtUninstallKB951376$\spuninst\spuninst.exe"
Sikkerhedsopdatering til Windows XP (KB951698) --> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Silent Hunter 4 Wolves of the Pacific --> C:\Programmer\InstallShield Installation Information\{0D005F09-A5F4-473B-A901-5735C6AF5628}\setup.exe -runfromtemp -l0x0009 -removeonly
SiN Episodes: Emergence --> "C:\Programmer\Steam\steam.exe" steam://uninstall/1300
Smarte menuer (Windows Live Toolbar) --> MsiExec.exe /X{307656A7-430C-4235-9319-4B21E3362493}
SmartSound Quicktracks Plugin --> C:\PROGRA~1\FLLESF~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}
Sound Blaster X-Fi --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{18F11181-EA1A-42AE-AF89-4867C7F7A6FA}\SETUP.EXE" -l0x9 /remove
Stardock Central --> C:\PROGRA~1\Stardock\SDCENT~1\UNWISE.EXE C:\PROGRA~1\Stardock\SDCENT~1\INSTALL.LOG
Steam --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Supreme Commander --> C:\Programmer\InstallShield Installation Information\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}\setup.exe -runfromtemp -l0x0009 -removeonly
System Requirements Lab --> C:\Programmer\SystemRequirementsLab\Uninstall.exe
Teach Me Piano Deluxe --> RunDll32 C:\PROGRA~1\FLLESF~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programmer\InstallShield Installation Information\{80F6C967-CCE7-4AE3-9244-481187928E18}\setup.exe"
Team Fortress 2 --> "C:\Programmer\Steam\steam.exe" steam://uninstall/440
TeamSpeak 2 RC2 --> C:\Programmer\Teamspeak2_RC2\unins000.exe
Tilmeldingsassistent til Windows Live --> MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Udvidelser (Windows Live Toolbar) --> MsiExec.exe /X{39D511C7-3463-4842-9948-C99B49B06CE9}
Universal Extractor 1.5 --> "C:\Programmer\Universal Extractor\unins000.exe"
Unreal Tournament 3 --> MsiExec.exe /X{BFA90209-7AFF-4DB6-8E4B-E57305751AD7}
User Profile Hive Cleanup Service --> MsiExec.exe /I{FF77941A-2BFA-4A18-BE2E-69B9498E4D55}
VobSub v2.23 (Remove Only) --> "C:\Programmer\Gabest\VobSub\uninstall.exe"
Wacom Tablet --> C:\Programmer\Tablet\Wacom\Remove.exe /u
Winamp --> "C:\Programmer\Winamp\UninstWA.exe"
Winamp Remote --> "C:\Programmer\Winamp Remote\uninstall.exe"
Windows Installer Clean Up --> MsiExec.exe /X{121634B0-2F4B-11D3-ADA3-00C04F52DD52}
Windows Live Favorites til Windows Live Toolbar --> MsiExec.exe /X{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}
Windows Live installer --> MsiExec.exe /X{38092A00-F9C8-420F-B5CB-C56F89F94B12}
Windows Live Messenger --> MsiExec.exe /X{1EDF0646-14CE-46FE-8785-9E12E29686DF}
Windows Live Toolbar --> "C:\Programmer\Windows Live Toolbar\UnInstall.exe" {D6C6A53B-540A-425B-9BE0-C87FAB6B6D36}
Windows Live Toolbar --> MsiExec.exe /X{D6C6A53B-540A-425B-9BE0-C87FAB6B6D36}
Windows Media Encoder 9 Series --> msiexec.exe /I {E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Encoder 9 Series --> MsiExec.exe /I{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Programmer\WinRAR\uninstall.exe
World in Conflict --> C:\Programmer\InstallShield Installation Information\{F11ADC64-C89E-47F4-A0B3-3665FF859397}\setup.exe -runfromtemp -l0x0009 -removeonly
Xvid 1.1.3 VAQ final uninstall --> "C:\Programmer\Xvid\unins000.exe"
XviD MPEG4 Video Codec (remove only) --> "C:\WINDOWS\system32\xvid-uninstall.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type5051 / Success
Event Submitted/Written: 06/22/2008 08:15:58 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.

Event Record #/Type5043 / Error
Event Submitted/Written: 06/22/2008 06:24:24 PM
Event ID/Source: 1000 / Application Error
Event Description:
Fejlagtigt program firefox.exe, version 1.8.20080.40413, fejlagtigt modul xpcom_core.dll, version 1.8.20080.40413, fejlagtig adresse 0x0003fc51.
Mediespecifik hændelse behandles for [firefox.exe!ws!]

Event Record #/Type5042 / Error
Event Submitted/Written: 06/22/2008 06:24:19 PM
Event ID/Source: 1000 / Application Error
Event Description:
Fejlagtigt program firefox.exe, version 1.8.20080.40413, fejlagtigt modul xpcom_core.dll, version 1.8.20080.40413, fejlagtig adresse 0x0003fc51.
Mediespecifik hændelse behandles for [firefox.exe!ws!]

Event Record #/Type5041 / Error
Event Submitted/Written: 06/22/2008 06:24:12 PM
Event ID/Source: 1000 / Application Error
Event Description:
Fejlagtigt program firefox.exe, version 1.8.20080.40413, fejlagtigt modul xpcom_core.dll, version 1.8.20080.40413, fejlagtig adresse 0x0003fc51.
Mediespecifik hændelse behandles for [firefox.exe!ws!]

Event Record #/Type5025 / Success
Event Submitted/Written: 06/22/2008 03:10:38 PM
Event ID/Source: 12001 / usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type12641 / Error
Event Submitted/Written: 06/22/2008 08:30:00 PM
Event ID/Source: 10005 / DCOM
Event Description:
Fejlen "%%1058" opstod på DCOM under forsøg på at starte tjenesten wuauserv med argumenterne ""
for at køre serveren:
{E60687F7-01A1-40AA-86AC-DB1CBF673334}

Event Record #/Type12620 / Error
Event Submitted/Written: 06/22/2008 08:13:56 PM
Event ID/Source: 7022 / Service Control Manager
Event Description:
Tjenesten AVG8 E-mail Scanner hang ved start.

Event Record #/Type12619 / Error
Event Submitted/Written: 06/22/2008 08:12:03 PM
Event ID/Source: 7000 / Service Control Manager
Event Description:
Tjenesten DS1410D kunne ikke starte pga. følgende fejl:
%%2

Event Record #/Type12607 / Error
Event Submitted/Written: 06/22/2008 07:53:37 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
Tjenesten Ad-Aware 2007 Service afsluttede uventet. Dette er sket 1 gang(e).

Event Record #/Type12606 / Error
Event Submitted/Written: 06/22/2008 07:53:37 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
Tjenesten Crypkey License afsluttede uventet. Dette er sket 1 gang(e).



-- End of Deckard's System Scanner: finished at 2008-06-22 20:49:50 ------------
Cruiser is offline
Old 06-23-2008   #4
Senior Security Analyst
 
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,798
PC Experience: Elite PC Guru
Default Re: Virus infection. Search engine and homepages blocked

Before we can carry on with your cleanup we need to install your Recovery Console.
Go to Microsoft's website => How to obtain Windows XP Setup boot disks
Select the download that's appropriate for your Operating System

Download the file & save it as it's originally named, next to ComboFix.exe.

Now close all open windows and programs, including all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
  • Drag the setup package onto ComboFix.exe and drop it.
  • Follow the prompts to start ComboFix and when prompted, agree to the End-User License Agreement to install the Microsoft Recovery Console.
  • At the next prompt, click 'Yes' to run the full ComboFix scan.
  • When the tool is finished, it will produce a report for you.
Please post the C:\ComboFix.txt along with a new HijackThis log for further review.
__________________
My real name is Eddy
Pancake is online now
Old 06-23-2008   #5
Bronze Member
 
Join Date: Jun 2008
Posts: 7
PC Experience: Experienced
Default Re: Virus infection. Search engine and homepages blocked

Sorry about the response taking some time. Work day, y'know.

The new log from Hijack this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:01, on 2008-06-23
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
C:\Programmer\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\crypserv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Programmer\Cyberlink\Shared Files\brs.exe
C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe
C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Windows Live\Messenger\msnmsgr.exe
C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
C:\Programmer\UPHClean\uphclean.exe
C:\WINDOWS\system32\WTablet\Wacom_TabletUser.exe
C:\WINDOWS\system32\Wacom_Tablet.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Programmer\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmer\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CPU Power Monitor] "C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe"
O4 - HKLM\..\Run: [Cpu Level Up help] C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe
O4 - HKLM\..\Run: [BDRegion] C:\Programmer\Cyberlink\Shared Files\brs.exe
O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [TuneClone] C:\Programmer\TuneClone\TuneClone.exe /silence
O4 - HKLM\..\Run: [AVP] "C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [BM47caaa9f] Rundll32.exe "C:\WINDOWS\system32\wpqbaugd.dll",s
O4 - HKLM\..\Run: [44f99903] rundll32.exe "C:\WINDOWS\system32\wityqiwa.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [Tunebite] C:\Programmer\RapidSolution\Tunebite\Tunebite.exe -tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - Add to Windows Live Favorites
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://utilities.pcpitstop.com/da/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG8\avgpp.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programmer\Bonjour\mDNSResponder.exe
O23 - Service: Crypkey License - CrypKey (Canada) Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TabletServiceWacom - Wacom Technology, Corp. - C:\WINDOWS\system32\Wacom_Tablet.exe

--
End of file - 8759 bytes

And the new log from Combofix:

ComboFix 08-06-20.4 - Christian 2008-06-23 16:13:32.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1030.18.1482 [GMT 2:00]
Running from: C:\Documents and Settings\Christian\Skrivebord\Combofix.exe
Command switches used :: C:\Documents and Settings\Christian\Skrivebord\WindowsXP-KB310994-SP2-Pro-BootDisk-DAN.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM47caaa9f.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\EgQWayay.ini
C:\WINDOWS\system32\EgQWayay.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\ppgwgiky.ini
C:\WINDOWS\system32\yayaWQgE.dll
.
---- Previous Run -------
.
C:\WINDOWS\BM47caaa9f.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\hdbjuact.ini
C:\WINDOWS\system32\hgMSDfhk.ini
C:\WINDOWS\system32\hgMSDfhk.ini2
C:\WINDOWS\system32\khfDSMgh.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\rncamstb.ini
C:\WINDOWS\system32\aawuwpwx.ini

.
((((((((((((((((((((((((( Files Created from 2008-05-23 to 2008-06-23 )))))))))))))))))))))))))))))))
.

2008-06-23 16:19 . 2008-06-23 16:19 22 --a------ C:\WINDOWS\pskt.ini
2008-06-23 16:19 . 2008-06-23 16:23 0 --a------ C:\WINDOWS\BM47caaa9f.xml
2008-06-23 15:37 . 2008-06-23 16:19 414 ---hs---- C:\WINDOWS\system32\hdbjuact.ini
2008-06-23 15:17 . 2008-06-23 15:17 <DIR> d-------- C:\WTablet
2008-06-22 20:46 . 2008-06-22 20:46 <DIR> d-------- C:\Deckard
2008-06-22 20:22 . 2008-06-22 20:22 99,328 --a------ C:\WINDOWS\system32\mtjkcmlm.dll
2008-06-22 20:19 . 2008-06-22 20:19 90,624 --a------ C:\WINDOWS\system32\uiaqfovw.dll
2008-06-22 20:19 . 2008-06-22 20:19 80,384 --a------ C:\WINDOWS\system32\ykigwgpp.dll
2008-06-22 19:14 . 2008-06-22 19:14 <DIR> d-------- C:\Programmer\Trend Micro
2008-06-22 15:53 . 2008-06-22 17:50 <DIR> d--h----- C:\$AVG8.VAULT$
2008-06-22 15:49 . 2008-06-23 15:21 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-22 15:49 . 2008-06-22 15:49 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-22 15:49 . 2008-06-22 15:49 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-22 15:49 . 2008-06-22 15:49 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-06-22 15:48 . 2008-06-22 15:48 <DIR> d-------- C:\Programmer\AVG
2008-06-22 15:48 . 2008-06-23 15:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-22 15:16 . 2008-06-22 15:16 <DIR> d---s---- C:\Documents and Settings\Christian\UserData
2008-06-22 11:24 . 2008-06-22 11:24 99,328 --a------ C:\WINDOWS\system32\ivsjhpho.dll
2008-06-22 11:22 . 2008-06-22 11:22 80,384 --a------ C:\WINDOWS\system32\tcaujbdh.dll
2008-06-22 11:21 . 2008-06-22 11:21 90,624 --a------ C:\WINDOWS\system32\laxtghag.dll
2008-06-21 23:45 . 2008-06-21 23:44 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-06-21 23:44 . 2008-06-21 23:46 <DIR> d-------- C:\Documents and Settings\Christian\.housecall6.6
2008-06-21 10:36 . 2008-06-21 10:36 99,328 --a------ C:\WINDOWS\system32\ldwtlpwk.dll
2008-06-21 10:33 . 2008-06-21 10:33 90,112 --a------ C:\WINDOWS\system32\gkavpyln.dll
2008-06-21 10:21 . 2008-06-21 10:21 24,576 --a------ C:\WINDOWS\system32\fccccBRI.dll
2008-06-20 22:27 . 2008-06-20 22:27 24,576 --a------ C:\WINDOWS\system32\ssqRLBsp.dll
2008-06-20 22:27 . 2008-06-20 22:27 24,576 --a------ C:\WINDOWS\system32\ssqpoPjj.dll
2008-06-20 22:26 . 2008-06-20 22:26 24,576 --a------ C:\WINDOWS\system32\hgGaxuTk.dll
2008-06-20 22:26 . 2008-06-20 22:26 24,576 --a------ C:\WINDOWS\system32\byXQGyyv.dll
2008-06-17 19:40 . 2008-06-17 19:40 <DIR> d-------- C:\Documents and Settings\Art Movies\Practical Light and Color
2008-06-17 14:53 . 2008-06-17 14:53 <DIR> d-------- C:\Programmer\AutoGK
2008-06-17 14:53 . 2008-06-17 14:53 43,698 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2008-06-17 14:42 . 2008-06-17 14:51 <DIR> d-------- C:\Programmer\GordianKnot
2008-06-17 12:34 . 2008-06-17 12:34 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\zweitgeist
2008-06-17 12:30 . 2008-06-17 12:41 <DIR> d-------- C:\Programmer\Xvid
2008-06-17 12:30 . 2008-04-02 22:37 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-06-14 13:38 . 2008-06-14 14:01 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\Hamachi
2008-06-14 13:37 . 2008-06-14 13:38 <DIR> d-------- C:\Programmer\Hamachi
2008-06-14 13:37 . 2008-06-14 13:37 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-06-11 16:06 . 2008-06-11 16:06 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\ArcSoft
2008-06-11 15:54 . 2008-06-14 20:00 272,256 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-08 23:53 . 2008-06-08 23:53 10 --a------ C:\WINDOWS\popcinfo.dat
2008-06-08 17:28 . 2008-06-08 17:28 <DIR> d-------- C:\Programmer\K-Lite Codec Pack
2008-06-08 17:28 . 2008-04-27 10:47 770,048 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-06-08 17:28 . 2006-09-24 17:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-06-08 17:28 . 2004-01-25 18:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-06-08 17:28 . 2008-04-27 11:10 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-06-08 17:28 . 2007-09-21 02:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-06-08 17:28 . 2008-03-28 19:41 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-06-08 17:28 . 2007-07-10 18:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-06-08 17:28 . 2007-10-03 17:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-06-07 14:15 . 2008-06-07 14:15 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\RTPlayer
2008-06-07 13:36 . 2008-06-07 13:36 <DIR> d-------- C:\Programmer\PixiePack Codec Pack
2008-06-07 13:36 . 2008-06-07 14:16 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\Tunebite
2008-06-07 13:36 . 2008-02-20 13:47 27,936 --a------ C:\WINDOWS\system32\drivers\tbhsd.sys
2008-06-07 13:35 . 2008-06-07 13:35 <DIR> d-------- C:\Programmer\RapidSolution
2008-06-07 13:35 . 2008-06-07 14:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\RapidSolution
2008-06-03 21:02 . 2008-06-03 21:02 <DIR> d-------- C:\Documents and Settings\NetworkService\Dokumenter
2008-06-03 19:30 . 2004-08-26 17:53 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-06-03 19:30 . 2001-10-04 17:07 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-06-02 19:10 . 2008-06-02 19:10 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\drms
2008-06-01 17:49 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpD4.tmp
2008-06-01 17:49 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpD3.tmp
2008-06-01 17:49 . 2008-06-01 17:49 444,952 --a------ C:\WINDOWS\system32\wrap_oal.dll
2008-06-01 17:49 . 2008-06-01 17:49 109,080 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-06-01 17:27 . 2008-06-01 17:27 <DIR> d-------- C:\Programmer\Codemasters
2008-05-31 14:43 . 2008-05-31 14:43 194 --a------ C:\WINDOWS\system32\RBDELDRV.BAT
2008-05-31 14:42 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp288.tmp
2008-05-31 13:04 . 2008-04-17 12:06 3,768 --a------ C:\WINDOWS\system32\drivers\CamdVideo32.sys
2008-05-31 01:03 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp2F.tmp
2008-05-31 01:03 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp2E.tmp
2008-05-30 23:46 . 2008-05-30 23:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Codemasters
2008-05-30 23:38 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp16D.tmp
2008-05-30 23:38 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp16C.tmp
2008-05-30 23:33 . 2008-05-30 23:33 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-05-30 23:33 . 2008-05-30 23:33 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_xusb21_01005.Wdf
2008-05-30 21:22 . 2008-05-31 14:27 <DIR> d-------- C:\Programmer\Morgan
2008-05-30 21:22 . 2002-11-18 17:02 40,960 --a------ C:\WINDOWS\system32\MMAVILNG.exe
2008-05-30 21:18 . 2008-05-30 21:18 56 -r-hs---- C:\WINDOWS\system32\DE2A04568E.sys
2008-05-30 21:15 . 2008-06-17 14:53 <DIR> d-------- C:\Programmer\Gabest
2008-05-30 20:53 . 2008-06-17 14:53 <DIR> d-------- C:\Programmer\AviSynth 2.5
2008-05-30 19:22 . 2008-05-30 19:22 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-30 19:22 . 2008-05-30 19:22 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-05-30 19:22 . 2008-05-30 19:22 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-05-30 19:19 . 2008-05-30 19:19 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-05-30 19:19 . 2008-05-30 19:19 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-05-29 21:04 . 2008-05-29 21:04 <DIR> d-------- C:\Programmer\PCPitstop
2008-05-27 22:49 . 2008-02-07 17:10 <DIR> d--h----- C:\ckis
2008-05-25 19:50 . 2008-05-25 19:51 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\GetRightToGo
2008-05-25 19:17 . 2008-05-25 19:32 228 --a------ C:\WINDOWS\PowerReg.dat
2008-05-25 19:15 . 1996-10-15 18:01 298,496 --a------ C:\WINDOWS\uninst.exe
2008-05-24 10:48 . 2008-05-24 10:48 <DIR> d-------- C:\WINDOWS\system32\xlive
2008-05-24 10:03 . 2008-05-30 23:38 <DIR> d-------- C:\Programmer\OpenAL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-23 14:23 32,338,464 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-23 14:23 1,091,360 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-23 14:19 --------- d-----w C:\Documents and Settings\Christian\Application Data\WTablet
2008-06-23 14:16 436,832 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-23 14:16 106,376 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-23 13:44 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-23 05:59 --------- d-----w C:\Documents and Settings\Christian\Application Data\uTorrent
2008-06-22 09:28 --------- d-----w C:\Programmer\Kaspersky Lab
2008-06-19 15:43 --------- d-----w C:\Programmer\DC++
2008-06-14 18:00 272,256 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 16:44 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-14 16:43 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-11 14:07 --------- d-----w C:\Documents and Settings\Christian\Application Data\Canon
2008-06-10 17:58 --------- d-----w C:\Programmer\THQ
2008-06-08 15:16 --------- d-----w C:\Documents and Settings\Christian\Application Data\DivX
2008-06-08 15:12 --------- d-----w C:\Programmer\DivX
2008-06-07 15:52 --------- d-----w C:\Programmer\Steam
2008-06-01 15:54 --------- d-----w C:\Programmer\SystemRequirementsLab
2008-06-01 15:27 --------- d--h--w C:\Programmer\InstallShield Installation Information
2008-05-31 12:43 --------- d-----w C:\Programmer\Real
2008-05-30 19:18 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-05-29 17:55 88,774 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-05-28 17:16 96,966 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-05-28 17:16 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-05-20 17:31 --------- d-----w C:\Programmer\Fælles filer\Adobe
2008-05-19 20:02 --------- d-----w C:\Documents and Settings\Christian\Application Data\SystemRequirementsLab
2008-05-10 08:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-05-09 17:04 --------- d-----w C:\Programmer\Winamp Remote
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:16 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-05 20:57 --------- d-----w C:\Programmer\EphPod
2008-05-05 20:37 --------- d-----w C:\Programmer\iTunes
2008-05-05 20:37 --------- d-----w C:\Documents and Settings\Christian\Application Data\Apple Computer
2008-05-05 20:36 --------- d-----w C:\Programmer\iPod
2008-05-05 20:36 --------- d-----w C:\Programmer\Fælles filer\Apple
2008-05-05 20:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-30 15:27 442,368 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2008-04-30 05:42 3,532 ----a-w C:\drmHeader.bin
2008-04-21 07:03 660,992 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-08 13:16 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-03-27 22:39 1 ----a-w C:\Documents and Settings\Christian\SI.bin
2008-01-18 15:12 22,328 ----a-w C:\Documents and Settings\Christian\Application Data\PnkBstrK.sys
2008-01-13 01:17 22,328 ----a-w C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys
2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
2008-01-13 23:06 8 --sha-w C:\WINDOWS\system32\315FB34F15.sys
.

((((((((((((((((((((((((((((( snapshot@2008-06-22_20.20.03.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-22 18:10:38 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-23 14:17:50 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68B5E561-9E49-4E7A-BE3E-A931DA3B7A46}]
2008-06-23 16:23 321536 --a------ C:\WINDOWS\system32\khffdCVO.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{94ea89b0-8e7b-4b28-9dbe-ca9394e3d41a}]
2008-06-22 20:22 99328 --a------ C:\WINDOWS\system32\mtjkcmlm.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F86B11F3-0CE1-475F-9541-5329BF7B3597}]
2008-06-20 22:26 24576 --a------ C:\WINDOWS\system32\hgGaxuTk.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-26 18:53 15360]
"msnmsgr"="C:\Programmer\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"AnyDVD"="C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe" [2008-01-18 22:30 1649600]
"Tunebite"="C:\Programmer\RapidSolution\Tunebite\Tunebite.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 05:46 13529088]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00 90112]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 23:32 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 23:32 455168]
"nwiz"="nwiz.exe" [2008-05-03 05:46 1630208 C:\WINDOWS\system32\nwiz.exe]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 23:31 59392]
"LanguageShortcut"="C:\Programmer\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 13:06 62760]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 23:32 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2001-10-09 14:00 44032]
"CTxfiHlp"="CTXFIHLP.EXE" [2005-08-08 00:10 18944 C:\WINDOWS\system32\CTXFIHLP.EXE]
"CTHelper"="CTHELPER.EXE" [2005-08-08 00:10 16384 C:\WINDOWS\CTHELPER.EXE]
"CPU Power Monitor"="C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-04 22:33 626176]
"Cpu Level Up help"="C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 11:32 880640]
"BDRegion"="C:\Programmer\Cyberlink\Shared Files\brs.exe" [2007-11-16 20:20 91432]
"Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 12:19 1426432]
"OpwareSE2"="C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00 49152]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 05:46 86016]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-22 15:48 1177368]
"44f99903"="C:\WINDOWS\system32\tcaujbdh.dll" [2008-06-22 11:22 80384]
"TuneClone"="C:\Programmer\TuneClone\TuneClone.exe" [ ]
"AVP"="C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-06-28 12:51 218376]
"BM47caaa9f"="C:\WINDOWS\system32\wpqbaugd.dll" [2008-06-23 16:24 91136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-26 18:53 15360]

C:\Documents and Settings\Christian\Menuen Start\Programmer\Start\
Adobe Gamma.lnk - C:\Programmer\Fælles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664]

C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Speed Launch.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696]
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{F86B11F3-0CE1-475F-9541-5329BF7B3597}"= C:\WINDOWS\system32\hgGaxuTk.dll [2008-06-20 22:26 24576]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGaxuTk]
hgGaxuTk.dll 2008-06-20 22:26 24576 C:\WINDOWS\system32\hgGaxuTk.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\khffdCVO

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"=
"C:\\games\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Programmer\\uTorrent\\uTorrent.exe"=
"C:\\Programmer\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"C:\\Programmer\\DC++\\DCPlusPlus.exe"=
"C:\\Programmer\\Steam\\steamapps\\psunesen@hotmai l.com\\sin episodes emergence\\SinEpisodes.exe"=
"C:\\games\\Company of heroes\\RelicCOH.exe"=
"C:\\Programmer\\Steam\\steamapps\\psunesen@hotmai l.com\\team fortress 2\\hl2.exe"=
"C:\\Programmer\\Autodesk\\Maya2008\\bin\\maya.exe"=
"C:\\Programmer\\Stardock\\TotalGaming\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\ftp.exe"=
"C:\\Programmer\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe"=
"C:\\Programmer\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"=
"C:\\Programmer\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"=
"C:\\Programmer\\Messenger\\msmsgs.exe"=
"C:\\Programmer\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_online.exe"=
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"C:\\games\\Battlefield 2\\BF2.exe"=
"C:\\Programmer\\iTunes\\iTunes.exe"=
"C:\\Programmer\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Programmer\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Programmer\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\games\\Defcon\\defcon.exe"=
"C:\\Programmer\\Codemasters\\GRID\\GRID.exe"=
"C:\\Programmer\\Mozilla Firefox\\firefox.exe"=
"C:\\Programmer\\THQ\\Company of Heroes - Balance Playtest\\RelicCOH.exe"=
"E:\\Tegnemappe\\opencanvas.exe"=
"C:\\Programmer\\AVG\\AVG8\\avgupd.exe"=
"C:\\Programmer\\AVG\\AVG8\\avgemc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows peer-til-peer-gruppering
"3540:UDP"= 3540:UDP:PNRP (Peer Name Resolution Protocol)
"88:UDP"= 88:UDP:Xbox 360
"3074:UDP"= 3074:UDP:Xbox 360
"3074:TCP"= 3074:TCP:Xbox 360
"10280:TCP"= 10280:TCP:Xbox 360
"10281:TCP"= 10281:TCP:Xbox 360
"10282:TCP"= 10282:TCP:Xbox 360
"10283:TCP"= 10283:TCP:Xbox 360

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-06-22 15:49]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Programmer\CyberLink\PowerDVD\000.fcl [2007-11-03 01:12]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-06-22 15:48]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-22 15:48]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-22 15:49]
R2 TabletServiceWacom;TabletServiceWacom;C:\WINDOWS\system32\Wacom_Tablet.exe [2007-09-07 12:40]
R3 CamdVideo32;CamdVideo32;C:\WINDOWS\system32\DRIVERS\CamdVideo32.sys [2008-04-17 12:06]
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2005-08-07 23:54]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]
R3 wacommousefilter;Wacom Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12:12]
R3 wacomvhid;Wacom Virtual Hid Driver;C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 11:30]
R3 WacomVKHid;Virtual Keyboard Driver;C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 17:11]
S0 tclondrv;tclondrv;C:\WINDOWS\system32\DRIVERS\tclondrv.sys []
S3 CamdDriverV32;CamdDriverV32;C:\WINDOWS\system32\drivers\CamdDriverV32.sys []
S3 p2pgasvc;Gruppegodkendelse på peer-netværk;C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]
S3 p2pimsvc;Identitetsstyring for peer-netværk;C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]
S3 p2psvc;Peer-netværk;C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]
S3 PNRPSvc;PNRP (Peer Name Resolution Protocol);C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}]
C:\Programmer\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-06-05 12:39:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
"2008-06-23 13:30:00 C:\WINDOWS\Tasks\Søg efter opdateringer til Windows Live Toolbar.job"

Cruiser is offline   Reply With Quote
Old 06-24-2008   #6
Senior Security Analyst
Join Date: Jun 2006
Location: Victoria, Australia
Posts: 6,798
PC Experience: Elite PC Guru
Default Re: Virus infection. Search engine and homepages blocked

Have "Hijack This" fix all the following items in the list below by placing a check in the appropriate boxes. Confirm that you have only the listed ones checked, then press <Fix checked> and close HJT.

O4 - HKLM\..\Run: [BM47caaa9f] Rundll32.exe "C:\WINDOWS\system32\wpqbaugd.dll",s
O4 - HKLM\..\Run: [44f99903] rundll32.exe "C:\WINDOWS\system32\wityqiwa.dll",b


Reboot.....................

===================================

Please copy this page to *Notepad* and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.

It's IMPORTANT to carry out the instructions in the sequence listed below.
1. Close any open browsers.
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

Open *notepad* and copy/paste the text in the quotebox below into it:


http://www.pchelpforum.com/progress-...tml#post272827

Collect::
C:\WINDOWS\BM47caaa9f.xml
C:\WINDOWS\system32\hdbjuact.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\mtjkcmlm.dll
C:\WINDOWS\system32\uiaqfovw.dll
C:\WINDOWS\system32\ykigwgpp.dll
C:\WINDOWS\system32\ivsjhpho.dll
C:\WINDOWS\system32\tcaujbdh.dll
C:\WINDOWS\system32\laxtghag.dll
C:\WINDOWS\system32\ldwtlpwk.dll
C:\WINDOWS\system32\gkavpyln.dll
C:\WINDOWS\system32\fccccBRI.dll
C:\WINDOWS\system32\ssqRLBsp.dll
C:\WINDOWS\system32\ssqpoPjj.dll
C:\WINDOWS\system32\hgGaxuTk.dll
C:\WINDOWS\system32\byXQGyyv.dll
C:\WINDOWS\system32\khffdCVO.dll

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{68B5E561-9E49-4E7A-BE3E-A931DA3B7A46}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{94ea89b0-8e7b-4b28-9dbe-ca9394e3d41a}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F86B11F3-0CE1-475F-9541-5329BF7B3597}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"44f99903"=-
"BM47caaa9f"=-
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{F86B11F3-0CE1-475F-9541-5329BF7B3597}"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hgGaxuTk]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00
Save this as CFScript.txt




Referring to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you. Post that log in your next reply.

Note:
Do not mouseclick ComboFix's window whilst it's running. That may cause it to stall.


When CF finishes running, the ComboFix log will open along with a message box--do not be alarmed. With the above script, ComboFix will capture a file to submit for analysis.

Ensure you are connected to the internet and click OK on the message box. A browser will open. Simply follow the instructions to copy/paste/send the requested file.
__________________
My real name is Eddy
Pancake is online now   Reply With Quote
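The `Registry::` block in the script above ends by rewriting the LSA `Authentication Packages` value, which the earlier log showed as `msv1_0 C:\WINDOWS\system32\khffdCVO`. The sketch below is an added example (not part of the post above and not ComboFix code) that decodes the `hex(7)` bytes and shows which entries that write keeps and drops; the function names and the `BASELINE` set are assumptions made for the illustration.

```python
import re

# Values taken from the thread. The log is a REGEDIT4 export, so hex(7)
# holds ANSI bytes rather than UTF-16LE.
LOGGED_PACKAGES = ["msv1_0", r"C:\WINDOWS\system32\khffdCVO"]  # from the log
SCRIPT_VALUE = "hex(7):6d,73,76,31,5f,30,00,00"                # from the CFScript

# Assumption for this example: msv1_0 alone is the expected baseline.
BASELINE = {"msv1_0"}


def decode_hex7(value, wide=False):
    """Decode a .reg 'hex(7):' REG_MULTI_SZ value into a list of strings.

    REGEDIT4 files store ANSI bytes; 'Windows Registry Editor Version 5.00'
    files store UTF-16LE, in which case pass wide=True.
    """
    m = re.fullmatch(r"\s*hex\(7\):(.*)", value, flags=re.S)
    if not m:
        raise ValueError("not a hex(7) value")
    # Long values may be wrapped with a trailing backslash; join them first.
    body = re.sub(r"\\\s*\n\s*", "", m.group(1)).strip()
    raw = bytes(int(b, 16) for b in body.split(",") if b.strip())
    text = raw.decode("utf-16-le" if wide else "cp1252")
    # Strings are NUL-terminated and the list ends with an empty string.
    return [s for s in text.split("\x00") if s]


def encode_hex7(strings, wide=False):
    """Encode a list of strings back into the 'hex(7):' text form."""
    enc = "utf-16-le" if wide else "cp1252"
    nul = "\x00".encode(enc)
    raw = b"".join(s.encode(enc) + nul for s in strings) + nul
    return "hex(7):" + ",".join(f"{b:02x}" for b in raw)


def unexpected_packages(packages, baseline=BASELINE):
    """Return the entries that are not in the expected baseline."""
    return [p for p in packages if p.lower() not in baseline]


def review_change(current, proposed_hex7, wide=False):
    """Summarise what writing proposed_hex7 over `current` would change."""
    proposed = decode_hex7(proposed_hex7, wide=wide)
    return {
        "kept": [p for p in current if p in proposed],
        "dropped": [p for p in current if p not in proposed],
        "added": [p for p in proposed if p not in current],
        "unexpected_after": unexpected_packages(proposed),
    }


if __name__ == "__main__":
    print("flagged before:", unexpected_packages(LOGGED_PACKAGES))
    for key, val in review_change(LOGGED_PACKAGES, SCRIPT_VALUE).items():
        print(f"{key}: {val}")
```

The dropped entry has the same base name as `khffdCVO.dll` in the script's `Collect::` list, so the registry reference and the file are handled in the same run.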
Old 06-24-2008   #7
Bronze Member
 
Join Date: Jun 2008
Posts: 7
PC Experience: Experienced
Default Re: Virus infection. Search engine and homepages blocked

Hi again. CF's new log is below now. I'm afraid that I never got an "upload" window when CF was done. It did leave a .zip file on the desktop though. I don't know if it's you or whoever that's supposed to see the file, but if that's the case I've manually uploaded it to my FTP and you can get it through this link: http://home19.inet.tele.dk/digitalis/CF_File.zip

Note that I had to change the filename from the original since the upload-program didn't want to play ball with all the characters it used.

Original filename was this: [4]-Submit_2008-06-24@7.37.zip



ComboFix 08-06-20.4 - Christian 2008-06-24 7:37:26.3 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1030.18.1557 [GMT 2:00]
Running from: C:\Documents and Settings\Christian\Skrivebord\Combofix.exe
Command switches used :: C:\Documents and Settings\Christian\Skrivebord\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM47caaa9f.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\awiqytiw.ini
C:\WINDOWS\system32\byXQGyyv.dll
C:\WINDOWS\system32\fccccBRI.dll
C:\WINDOWS\system32\gkavpyln.dll
C:\WINDOWS\system32\hdbjuact.ini
C:\WINDOWS\system32\hgGaxuTk.dll
C:\WINDOWS\system32\ivsjhpho.dll
C:\WINDOWS\system32\khffdCVO.dll
C:\WINDOWS\system32\laxtghag.dll
C:\WINDOWS\system32\ldwtlpwk.dll
C:\WINDOWS\system32\mtjkcmlm.dll
C:\WINDOWS\system32\OVCdffhk.ini
C:\WINDOWS\system32\OVCdffhk.ini2
C:\WINDOWS\system32\ssqpoPjj.dll
C:\WINDOWS\system32\ssqRLBsp.dll
.
---- Previous Run -------
.
C:\WINDOWS\BM47caaa9f.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\EgQWayay.ini
C:\WINDOWS\system32\EgQWayay.ini2
C:\WINDOWS\system32\hdbjuact.ini
C:\WINDOWS\system32\hgMSDfhk.ini
C:\WINDOWS\system32\hgMSDfhk.ini2
C:\WINDOWS\system32\khfDSMgh.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\ppgwgiky.ini
C:\WINDOWS\system32\rncamstb.ini
C:\WINDOWS\system32\yayaWQgE.dll
C:\WINDOWS\system32\aawuwpwx.ini

.
((((((((((((((((((((((((( Files Created from 2008-05-24 to 2008-06-24 )))))))))))))))))))))))))))))))
.

2008-06-23 16:26 . 2008-06-23 16:26 81,408 --a------ C:\WINDOWS\system32\wityqiwa.dll
2008-06-23 15:17 . 2008-06-23 15:17 <DIR> d-------- C:\WTablet
2008-06-22 20:46 . 2008-06-22 20:46 <DIR> d-------- C:\Deckard
2008-06-22 19:14 . 2008-06-22 19:14 <DIR> d-------- C:\Programmer\Trend Micro
2008-06-22 15:53 . 2008-06-22 17:50 <DIR> d--h----- C:\$AVG8.VAULT$
2008-06-22 15:49 . 2008-06-23 15:21 <DIR> d-------- C:\WINDOWS\system32\drivers\Avg
2008-06-22 15:49 . 2008-06-22 15:49 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-06-22 15:49 . 2008-06-22 15:49 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-06-22 15:49 . 2008-06-22 15:49 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-06-22 15:48 . 2008-06-22 15:48 <DIR> d-------- C:\Programmer\AVG
2008-06-22 15:48 . 2008-06-23 15:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-06-22 15:16 . 2008-06-22 15:16 <DIR> d---s---- C:\Documents and Settings\Christian\UserData
2008-06-21 23:45 . 2008-06-21 23:44 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-06-21 23:44 . 2008-06-21 23:46 <DIR> d-------- C:\Documents and Settings\Christian\.housecall6.6
2008-06-17 19:40 . 2008-06-17 19:40 <DIR> d-------- C:\Documents and Settings\Art Movies\Practical Light and Color
2008-06-17 14:53 . 2008-06-17 14:53 <DIR> d-------- C:\Programmer\AutoGK
2008-06-17 14:53 . 2008-06-17 14:53 43,698 --a------ C:\WINDOWS\system32\xvid-uninstall.exe
2008-06-17 14:42 . 2008-06-17 14:51 <DIR> d-------- C:\Programmer\GordianKnot
2008-06-17 12:34 . 2008-06-17 12:34 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\zweitgeist
2008-06-17 12:30 . 2008-06-17 12:41 <DIR> d-------- C:\Programmer\Xvid
2008-06-17 12:30 . 2008-04-02 22:37 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-06-14 13:38 . 2008-06-14 14:01 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\Hamachi
2008-06-14 13:37 . 2008-06-14 13:38 <DIR> d-------- C:\Programmer\Hamachi
2008-06-14 13:37 . 2008-06-14 13:37 25,280 --a------ C:\WINDOWS\system32\drivers\hamachi.sys
2008-06-11 16:06 . 2008-06-11 16:06 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\ArcSoft
2008-06-11 15:54 . 2008-06-14 20:00 272,256 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
2008-06-08 23:53 . 2008-06-08 23:53 10 --a------ C:\WINDOWS\popcinfo.dat
2008-06-08 17:28 . 2008-06-08 17:28 <DIR> d-------- C:\Programmer\K-Lite Codec Pack
2008-06-08 17:28 . 2008-04-27 10:47 770,048 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-06-08 17:28 . 2006-09-24 17:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-06-08 17:28 . 2004-01-25 18:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-06-08 17:28 . 2008-04-27 11:10 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-06-08 17:28 . 2007-09-21 02:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-06-08 17:28 . 2008-03-28 19:41 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-06-08 17:28 . 2007-07-10 18:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-06-08 17:28 . 2007-10-03 17:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-06-07 14:15 . 2008-06-07 14:15 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\RTPlayer
2008-06-07 13:36 . 2008-06-07 13:36 <DIR> d-------- C:\Programmer\PixiePack Codec Pack
2008-06-07 13:36 . 2008-06-07 14:16 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\Tunebite
2008-06-07 13:36 . 2008-02-20 13:47 27,936 --a------ C:\WINDOWS\system32\drivers\tbhsd.sys
2008-06-07 13:35 . 2008-06-07 13:35 <DIR> d-------- C:\Programmer\RapidSolution
2008-06-07 13:35 . 2008-06-07 14:18 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\RapidSolution
2008-06-03 21:02 . 2008-06-03 21:02 <DIR> d-------- C:\Documents and Settings\NetworkService\Dokumenter
2008-06-03 19:30 . 2004-08-26 17:53 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-06-03 19:30 . 2001-10-04 17:07 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-06-02 19:10 . 2008-06-02 19:10 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\drms
2008-06-01 17:49 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpD4.tmp
2008-06-01 17:49 . 2008-04-28 15:53 805,400 -ra------ C:\WINDOWS\system32\tmpD3.tmp
2008-06-01 17:49 . 2008-06-01 17:49 444,952 --a------ C:\WINDOWS\system32\wrap_oal.dll
2008-06-01 17:49 . 2008-06-01 17:49 109,080 --a------ C:\WINDOWS\system32\OpenAL32.dll
2008-06-01 17:27 . 2008-06-01 17:27 <DIR> d-------- C:\Programmer\Codemasters
2008-05-31 14:43 . 2008-05-31 14:43 194 --a------ C:\WINDOWS\system32\RBDELDRV.BAT
2008-05-31 14:42 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp288.tmp
2008-05-31 13:04 . 2008-04-17 12:06 3,768 --a------ C:\WINDOWS\system32\drivers\CamdVideo32.sys
2008-05-31 01:03 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp2F.tmp
2008-05-31 01:03 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp2E.tmp
2008-05-30 23:46 . 2008-05-30 23:46 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Codemasters
2008-05-30 23:38 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp16D.tmp
2008-05-30 23:38 . 2008-04-28 16:53 805,400 -ra------ C:\WINDOWS\system32\tmp16C.tmp
2008-05-30 23:33 . 2008-05-30 23:33 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-05-30 23:33 . 2008-05-30 23:33 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_xusb21_01005.Wdf
2008-05-30 21:22 . 2008-05-31 14:27 <DIR> d-------- C:\Programmer\Morgan
2008-05-30 21:22 . 2002-11-18 17:02 40,960 --a------ C:\WINDOWS\system32\MMAVILNG.exe
2008-05-30 21:18 . 2008-05-30 21:18 56 -r-hs---- C:\WINDOWS\system32\DE2A04568E.sys
2008-05-30 21:15 . 2008-06-17 14:53 <DIR> d-------- C:\Programmer\Gabest
2008-05-30 20:53 . 2008-06-17 14:53 <DIR> d-------- C:\Programmer\AviSynth 2.5
2008-05-30 19:22 . 2008-05-30 19:22 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-05-30 19:22 . 2008-05-30 19:22 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-05-30 19:22 . 2008-05-30 19:22 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-05-30 19:19 . 2008-05-30 19:19 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-05-30 19:19 . 2008-05-30 19:19 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-05-29 21:04 . 2008-05-29 21:04 <DIR> d-------- C:\Programmer\PCPitstop
2008-05-27 22:49 . 2008-02-07 17:10 <DIR> d--h----- C:\ckis
2008-05-25 19:50 . 2008-05-25 19:51 <DIR> d-------- C:\Documents and Settings\Christian\Application Data\GetRightToGo
2008-05-25 19:17 . 2008-05-25 19:32 228 --a------ C:\WINDOWS\PowerReg.dat
2008-05-25 19:15 . 1996-10-15 18:01 298,496 --a------ C:\WINDOWS\uninst.exe
2008-05-24 10:48 . 2008-05-24 10:48 <DIR> d-------- C:\WINDOWS\system32\xlive
2008-05-24 10:03 . 2008-05-30 23:38 <DIR> d-------- C:\Programmer\OpenAL

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-06-24 05:42 32,610,848 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-24 05:42 --------- d-----w C:\Documents and Settings\Christian\Application Data\WTablet
2008-06-24 05:41 1,099,296 --sha-w C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-24 05:40 440,672 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
2008-06-24 05:40 107,192 --sha-w C:\WINDOWS\system32\drivers\fidbox2.idx
2008-06-24 05:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-23 05:59 --------- d-----w C:\Documents and Settings\Christian\Application Data\uTorrent
2008-06-22 09:28 --------- d-----w C:\Programmer\Kaspersky Lab
2008-06-19 15:43 --------- d-----w C:\Programmer\DC++
2008-06-14 18:00 272,256 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-06-14 16:44 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-06-14 16:43 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2008-06-11 14:07 --------- d-----w C:\Documents and Settings\Christian\Application Data\Canon
2008-06-10 17:58 --------- d-----w C:\Programmer\THQ
2008-06-08 15:16 --------- d-----w C:\Documents and Settings\Christian\Application Data\DivX
2008-06-08 15:12 --------- d-----w C:\Programmer\DivX
2008-06-07 15:52 --------- d-----w C:\Programmer\Steam
2008-06-01 15:54 --------- d-----w C:\Programmer\SystemRequirementsLab
2008-06-01 15:27 --------- d--h--w C:\Programmer\InstallShield Installation Information
2008-05-31 12:43 --------- d-----w C:\Programmer\Real
2008-05-30 19:18 1,682 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-05-29 17:55 88,774 ----a-w C:\WINDOWS\system32\drivers\klick.dat
2008-05-28 17:16 96,966 ----a-w C:\WINDOWS\system32\drivers\klin.dat
2008-05-28 17:16 112,144 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
2008-05-20 17:31 --------- d-----w C:\Programmer\Fælles filer\Adobe
2008-05-19 20:02 --------- d-----w C:\Documents and Settings\Christian\Application Data\SystemRequirementsLab
2008-05-10 08:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-05-09 17:04 --------- d-----w C:\Programmer\Winamp Remote
2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-05-07 05:16 1,291,776 ----a-w C:\WINDOWS\system32\quartz.dll
2008-05-05 20:57 --------- d-----w C:\Programmer\EphPod
2008-05-05 20:37 --------- d-----w C:\Programmer\iTunes
2008-05-05 20:37 --------- d-----w C:\Documents and Settings\Christian\Application Data\Apple Computer
2008-05-05 20:36 --------- d-----w C:\Programmer\iPod
2008-05-05 20:36 --------- d-----w C:\Programmer\Fælles filer\Apple
2008-05-05 20:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-04-30 15:27 442,368 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2008-04-30 05:42 3,532 ----a-w C:\drmHeader.bin
2008-04-21 07:03 660,992 ----a-w C:\WINDOWS\system32\wininet.dll
2008-04-08 13:16 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-03-27 22:39 1 ----a-w C:\Documents and Settings\Christian\SI.bin
2008-01-18 15:12 22,328 ----a-w C:\Documents and Settings\Christian\Application Data\PnkBstrK.sys
2008-01-13 01:17 22,328 ----a-w C:\Documents and Settings\Administrator\Application Data\PnkBstrK.sys
2006-06-23 06:48 32,768 ----a-r C:\WINDOWS\inf\UpdateUSB.exe
2008-01-13 23:06 8 --sha-w C:\WINDOWS\system32\315FB34F15.sys
.

((((((((((((((((((((((((((((( snapshot@2008-06-22_20.20.03.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-06-22 18:10:38 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-06-24 05:41:39 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-26 18:53 15360]
"msnmsgr"="C:\Programmer\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"AnyDVD"="C:\Programmer\SlySoft\AnyDVD\AnyDVD.exe" [2008-01-18 22:30 1649600]
"Tunebite"="C:\Programmer\RapidSolution\Tunebite\Tunebite.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-03 05:46 13529088]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 02:00 90112]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 23:32 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 23:32 455168]
"nwiz"="nwiz.exe" [2008-05-03 05:46 1630208 C:\WINDOWS\system32\nwiz.exe]
"MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 23:31 59392]
"LanguageShortcut"="C:\Programmer\CyberLink\PowerDVD\Language\Language.exe" [2007-10-11 13:06 62760]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 23:32 208952]
"IMEKRMIG6.1"="C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE" [2001-10-09 14:00 44032]
"CTxfiHlp"="CTXFIHLP.EXE" [2005-08-08 00:10 18944 C:\WINDOWS\system32\CTXFIHLP.EXE]
"CTHelper"="CTHELPER.EXE" [2005-08-08 00:10 16384 C:\WINDOWS\CTHELPER.EXE]
"CPU Power Monitor"="C:\Program Files\ASUS\Ai Suite\AiGear3\CpuPowerMonitor.exe" [2007-10-04 22:33 626176]
"Cpu Level Up help"="C:\Program Files\ASUS\Ai Suite\CpuLevelUpHelp.exe" [2007-09-11 11:32 880640]
"BDRegion"="C:\Programmer\Cyberlink\Shared Files\brs.exe" [2007-11-16 20:20 91432]
"Ai Nap"="C:\Program Files\ASUS\Ai Suite\AiNap\AiNap.exe" [2007-09-06 12:19 1426432]
"OpwareSE2"="C:\Programmer\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00 49152]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-05-03 05:46 86016]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-06-22 15:48 1177368]
"TuneClone"="C:\Programmer\TuneClone\TuneClone.exe" [ ]
"AVP"="C:\Programmer\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [2007-06-28 12:51 218376]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-26 18:53 15360]

C:\Documents and Settings\Christian\Menuen Start\Programmer\Start\
Adobe Gamma.lnk - C:\Programmer\F‘lles filer\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 20:16:50 113664]

C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
Adobe Reader Speed Launch.lnk - C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 05:44:06 29696]
Microsoft Office.lnk - C:\Programmer\Microsoft Office\Office\OSA9.EXE [1999-02-17 22:05:56 65588]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll,avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= DivXa32.acm
"VIDC.HFYU"= huffyuv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"=
"C:\\games\\Unreal Tournament 3\\Binaries\\UT3.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"C:\\Programmer\\uTorrent\\uTorrent.exe"=
"C:\\Programmer\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"C:\\Programmer\\DC++\\DCPlusPlus.exe"=
"C:\\Programmer\\Steam\\steamapps\\psunesen@hotmail.com\\sin episodes emergence\\SinEpisodes.exe"=
"C:\\games\\Company of heroes\\RelicCOH.exe"=
"C:\\Programmer\\Steam\\steamapps\\psunesen@hotmail.com\\team fortress 2\\hl2.exe"=
"C:\\Programmer\\Autodesk\\Maya2008\\bin\\maya.exe"=
"C:\\Programmer\\Stardock\\TotalGaming\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\ftp.exe"=
"C:\\Programmer\\GlobalSCAPE\\CuteFTP 8 Professional\\ftpte.exe"=
"C:\\Programmer\\THQ\\Gas Powered Games\\Supreme Commander\\bin\\SupremeCommander.exe"=
"C:\\Programmer\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"=
"C:\\Programmer\\Messenger\\msmsgs.exe"=
"C:\\Programmer\\Bonjour\\mDNSResponder.exe"=
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic.exe"=
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_online.exe"=
"C:\\Programmer\\Sierra Entertainment\\World in Conflict\\wic_ds.exe"=
"C:\\games\\Battlefield 2\\BF2.exe"=
"C:\\Programmer\\iTunes\\iTunes.exe"=
"C:\\Programmer\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Programmer\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Programmer\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"C:\\games\\Defcon\\defcon.exe"=
"C:\\Programmer\\Codemasters\\GRID\\GRID.exe"=
"C:\\Programmer\\Mozilla Firefox\\firefox.exe"=
"C:\\Programmer\\THQ\\Company of Heroes - Balance Playtest\\RelicCOH.exe"=
"E:\\Tegnemappe\\opencanvas.exe"=
"C:\\Programmer\\AVG\\AVG8\\avgupd.exe"=
"C:\\Programmer\\AVG\\AVG8\\avgemc.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3587:TCP"= 3587:TCP:Windows peer-til-peer-gruppering
"3540:UDP"= 3540:UDP:PNRP (Peer Name Resolution Protocol)
"88:UDP"= 88:UDP:Xbox 360
"3074:UDP"= 3074:UDP:Xbox 360
"3074:TCP"= 3074:TCP:Xbox 360
"10280:TCP"= 10280:TCP:Xbox 360
"10281:TCP"= 10281:TCP:Xbox 360
"10282:TCP"= 10282:TCP:Xbox 360
"10283:TCP"= 10283:TCP:Xbox 360

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowInboundEchoRequest"= 1 (0x1)

R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-06-22 15:49]
R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B};C:\Programmer\CyberLink\PowerDVD\000.fcl [2007-11-03 01:12]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-06-22 15:48]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-06-22 15:48]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-06-22 15:49]
R2 TabletServiceWacom;TabletServiceWacom;C:\WINDOWS\system32\Wacom_Tablet.exe [2007-09-07 12:40]
R3 CamdVideo32;CamdVideo32;C:\WINDOWS\system32\DRIVERS\CamdVideo32.sys [2008-04-17 12:06]
R3 ha20x2k;Creative 20X HAL Driver;C:\WINDOWS\system32\drivers\ha20x2k.sys [2005-08-07 23:54]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys [2007-04-04 14:58]
R3 wacommousefilter;Wacom Mouse Filter Driver;C:\WINDOWS\system32\DRIVERS\wacommousefilter.sys [2007-02-16 12:12]
R3 wacomvhid;Wacom Virtual Hid Driver;C:\WINDOWS\system32\DRIVERS\wacomvhid.sys [2007-02-16 11:30]
R3 WacomVKHid;Virtual Keyboard Driver;C:\WINDOWS\system32\DRIVERS\WacomVKHid.sys [2007-02-15 17:11]
S0 tclondrv;tclondrv;C:\WINDOWS\system32\DRIVERS\tclondrv.sys []
S3 CamdDriverV32;CamdDriverV32;C:\WINDOWS\system32\drivers\CamdDriverV32.sys []
S3 p2pgasvc;Gruppegodkendelse på peer-netværk;C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]
S3 p2pimsvc;Identitetsstyring for peer-netværk;C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]
S3 p2psvc;Peer-netværk;C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]
S3 PNRPSvc;PNRP (Peer Name Resolution Protocol);C:\WINDOWS\System32\svchost.exe [2004-08-26 18:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{61E3FE32-07B9-4563-A3E0-2DE2D620FE10}]
C:\Programmer\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-06-05 12:39:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
"2008-06-23 21:30:00 C:\WINDOWS\Tasks\Søg efter opdateringer til Windows Live Toolbar.job"
Cruiser is offline   Reply With Quote
