System Integrity Scan Wizard pops up at regular intervals. Also, a yellow triangle with a black exclamation point inside appears in my system tray. It links to anti-spywareremoval.biz.

Have tried Spybot and Ad-Aware SE (also Norman AV) without luck.

Any help is appreciated.

Deckard's System Scanner v20071014.68
Run by Thomasv on 2008-04-17 14:45:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
43: 2008-04-17 12:45:12 UTC - RP43 - Deckard's System Scanner Restore Point
42: 2008-04-17 09:40:00 UTC - RP42 - Kontrollpunkt for system
41: 2008-04-16 09:02:08 UTC - RP41 - Installed Windows Media Player Firefox Plugin
40: 2008-04-16 08:01:54 UTC - RP40 - Installed Microsoft Office Professional Edition 2003
39: 2008-04-15 09:04:35 UTC - RP39 - Kontrollpunkt for system


-- First Restore Point --
1: 2008-04-11 08:17:04 UTC - RP1 - Kontrollpunkt for system


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Thomasv.exe) ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:46:23, on 17.04.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Novell\XTAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\IFXTCS.exe
C:\Programfiler\Norman\Npm\Bin\eLogsvc.exe
C:\Programfiler\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\msdtc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\AvidSDMService.exe
C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe
C:\WINDOWS\system32\IFXSPMGT.exe
C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programfiler\Novell\ZENworks\nalntsrv.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programfiler\ProtectTools\Embedded Security Software\PSDsrvc.EXE
C:\Programfiler\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
C:\Programfiler\Novell\ZENworks\wm.exe
C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\mqsvc.exe
C:\WINDOWS\system32\mqtgsvc.exe
C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
C:\WINDOWS\System32\alg.exe
C:\Programfiler\HPQ\IAM\bin\asghost.exe
C:\Programfiler\ProtectTools\Embedded Security Software\PSDrt.exe
C:\Programfiler\ProtectTools\Embedded Security Software\SpTna.exe
C:\Programfiler\HPQ\HP ProtectTools Security Manager\PTServs.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\AccelerometerSt.exe
C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe
C:\Programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Programfiler\Norman\Npm\bin\ZLH.EXE
C:\WINDOWS\system32\dpmw32.exe
C:\Programfiler\Norman\Nvc\BIN\NIP.EXE
C:\WINDOWS\system32\NWTRAY.EXE
C:\Programfiler\Norman\Nvc\bin\cclaw.exe
C:\Programfiler\iTunes\iTunesHelper.exe
C:\Programfiler\iPod\bin\iPodService.exe
C:\Programfiler\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Programfiler\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\nqjkpgjy.exe
C:\Programfiler\Norman\Norman Ad-Aware SE Professional\Ad-Watch.exe
C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\HPQ\Shared\HPQTOA~1.EXE
C:\Programfiler\Windows Media Player\WMPNetwk.exe
C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe
C:\Programfiler\Novell\ZENworks\WMRUNDLL.EXE
C:\Programfiler\Norman\Norman Ad-Aware SE Professional\Ad-Aware.exe
C:\Documents and Settings\Thomasv\Skrivebord\dss.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Thomasv.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fronter.com/hifm/index.phtml
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Programfiler\Fellesfiler\ReGet Shared\Catcher.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Programfiler\HPQ\IAM\Bin\ItIeAddIN.dll
O2 - BHO: (no name) - {F3AEF888-A3E2-44EB-BD85-F0C85BA7673F} - C:\WINDOWS\system32\tuvVOGaw.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - C:\Programfiler\ReGet Software\ReGet Deluxe 5.2\IEBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [SoundMAX] C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PTHOSTTR] C:\Programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll,RegisterModule
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [Cpqset] C:\Programfiler\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [WatchDog] C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Programfiler\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [NDPS] C:\WINDOWS\system32\dpmw32.exe
O4 - HKLM\..\Run: [ZENRC Tray Icon] C:\WINDOWS\system32\zentray.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programfiler\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Programfiler\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programfiler\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [pcmdyvvw] C:\WINDOWS\system32\nqjkpgjy.exe
O4 - HKCU\..\Run: [AWMON] "C:\Programfiler\Norman\Norman Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKLM\..\Policies\Explorer\Run: [pADsSP8oOS] C:\Documents and Settings\All Users\Programdata\zgpgnids\zozitwrq.exe
O4 - HKCU\..\Policies\Explorer\Run: [pADsSP8oOS] C:\Documents and Settings\All Users\Programdata\zgpgnids\zozitwrq.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programfiler\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Novell delivered applications - {C1994287-422F-47aa-8E5E-6323E210A125} - C:\Programfiler\Novell\ZENworks\AxNalServer.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com
O20 - Winlogon Notify: OneCard - C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll
O20 - Winlogon Notify: tuvVOGaw - C:\WINDOWS\SYSTEM32\tuvVOGaw.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avid SDM Service (AvidSDMService) - Avid Technology, Inc. - C:\WINDOWS\system32\AvidSDMService.exe
O23 - Service: Avid Startup (AvidStartup) - Unknown owner - C:\WINDOWS\system32\AvidStartup.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe
O23 - Service: Client Update Service for Novell (cusrvc) - Novell, Inc. - C:\WINDOWS\system32\cusrvc.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Programfiler\Norman\Npm\Bin\eLogsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programfiler\Fellesfiler\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - C:\WINDOWS\system32\IFXSPMGT.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - C:\WINDOWS\system32\IFXTCS.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
O23 - Service: Novell Application Launcher (NALNTSERVICE) - Novell, Inc. - C:\Programfiler\Novell\ZENworks\nalntsrv.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Programfiler\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Programfiler\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Programfiler\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Programfiler\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive Service (PersonalSecureDriveService) - Infineon Technologies AG - C:\Programfiler\ProtectTools\Embedded Security Software\PSDsrvc.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: Novell ZENworks Remote Management Agent (Remote Management Agent) - Novell, Inc. - C:\Programfiler\Novell\ZENworks\RemoteManagement\RMAgent\ZenRem32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programfiler\WinPcap\rpcapd.exe
O23 - Service: Novell XTier Agent Services (XTAgent) - Novell, Inc. - C:\WINDOWS\System32\Novell\XTAgent.exe
O23 - Service: Workstation Manager (ZFDWM) - Novell, Inc. - C:\Programfiler\Novell\ZENworks\wm.exe

--
End of file - 14596 bytes

-- HijackThis Fixed Entries (C:\PROGRA~1\TRENDM~1\HIJACK~1\backups\) -----------

backup-20080416-191912-692 O2 - BHO: (no name) - {F3AEF888-A3E2-44EB-BD85-F0C85BA7673F} - C:\WINDOWS\system32\tuvVOGaw.dll

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 NICM (Novell InterService Communication Driver) - c:\windows\system32\drivers\nicm.sys <Not Verified; Novell, Inc.; Novell XTier for Windows>
R0 NWFILTER (Novell UNC Path Filter) - c:\windows\system32\netware\nwfilter.sys <Not Verified; Novell, Inc.; Novell Client for Windows>
R2 BlankScr (HBDevice) - c:\windows\system32\drivers\blankscr.sys <Not Verified; Novell Inc.; ZENworks Remote Management>
R2 NetwareWorkstation (Novell Client for Windows) - c:\windows\system32\netware\nwfs.sys <Not Verified; Novell, Inc.; Novell Client for Windows>
R2 RESMGR (Novell NetWare Resource Manager) - c:\windows\system32\netware\resmgr.sys <Not Verified; Novell, Inc.; Novell Client for Windows>
R2 SRVLOC (Novell Service Location) - c:\windows\system32\netware\srvloc.sys <Not Verified; Novell, Inc.; Novell Client for Windows>
R3 Darpan - c:\windows\system32\drivers\darpan.sys <Not Verified; Novell, Inc.; ZENworks Remote Management>
R3 Flamethrower - c:\windows\system32\drivers\flamethrower.sys <Not Verified; Avid Technology, Inc.; Avid DNA>
R3 NWDNS (Novell DNS Name Space Service Provider) - c:\windows\system32\netware\nwdns.sys <Not Verified; Novell, Inc.; Novell Client for Windows>
R3 NWHOST (Novell Host File Name Space Service Provider) - c:\windows\system32\netware\nwhost.sys <Not Verified; Novell, Inc.; Novell Client for Windows>
R3 NWSLP (Novell SLP Name Space Service Provider) - c:\windows\system32\netware\nwslp.sys <Not Verified; Novell, Inc.; Novell Client for Windows>
R3 NWSNS (Novell Simple Naming Services (NWSNS)) - c:\windows\system32\netware\nwsns.sys <Not Verified; Novell, Inc.; Novell Client for Windows>

S2 NWSIPX32 (Novell NetWare IPX/SPX Transport Interface) - c:\windows\system32\netware\nwsipx32.sys <Not Verified; Novell, Inc.; Novell Client for Windows>
S3 NWDHCP (Novell DHCP Inform Client) - c:\windows\system32\netware\nwdhcp.sys <Not Verified; Novell, Inc.; Novell Client for Windows>
S3 NWSAP (Novell SAP Name Space Provider) - c:\windows\system32\netware\nwsap.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 AvidSDMService (Avid SDM Service) - system32\avidsdmservice.exe <Not Verified; Avid Technology, Inc.; Avid Technology, Inc. AvidSDMService>
R2 IFXSpMgtSrv (Security Platform Management Service) - c:\windows\system32\ifxspmgt.exe <Not Verified; Infineon Technologies AG; Infineon TPM Software>
R2 IFXTCS (Trusted Platform Core Service) - c:\windows\system32\ifxtcs.exe <Not Verified; Infineon Technologies AG; Infineon TPM Software>
R2 NALNTSERVICE (Novell Application Launcher) - c:\programfiler\novell\zenworks\nalntsrv.exe <Not Verified; Novell, Inc.; >
R2 Remote Management Agent (Novell ZENworks Remote Management Agent) - c:\programfiler\novell\zenworks\remotemanagement\rmagent\zenrem32.exe <Not Verified; Novell, Inc.; ZENworks Remote Management>
R2 XTAgent (Novell XTier Agent Services) - c:\windows\system32\novell\xtagent.exe <Not Verified; Novell, Inc.; NetIdentity>
R2 ZFDWM (Workstation Manager) - c:\programfiler\novell\zenworks\wm.exe <Not Verified; Novell, Inc.; ZENworks Desktop Management>

S2 AvidStartup (Avid Startup) - system32\avidstartup.exe <Not Verified; ; AvidStartup>
S2 PCA (PC Angel) - c:\windows\sminst\pcangel.exe <Not Verified; SoftThinks; PCAngel Application>
S3 cusrvc (Client Update Service for Novell) - c:\windows\system32\cusrvc.exe <Not Verified; Novell, Inc.; Novell Client for Windows>
S3 FLEXnet Licensing Service - "c:\programfiler\fellesfiler\macrovision shared\flexnet publisher\fnplicensingservice.exe" <Not Verified; Macrovision Europe Ltd.; FLEXnet Publisher (32 bit)>


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Files created between 2008-03-17 and 2008-04-17 -----------------------------

2008-04-16 19:05:09 0 d-------- C:\Programfiler\Trend Micro
2008-04-16 19:01:39 0 d-------- C:\Programfiler\CCleaner
2008-04-16 15:08:03 5668 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-16 14:55:49 0 d-------- C:\Programfiler\Panda Security
2008-04-16 10:46:17 0 -rahs---- C:\MSDOS.SYS
2008-04-16 10:46:17 0 -rahs---- C:\IO.SYS
2008-04-16 10:19:46 4096 --a------ C:\WINDOWS\system32taack.dat
2008-04-16 10:19:46 4096 --a------ C:\WINDOWS\system32ssvchost.com
2008-04-16 10:19:46 4096 --a------ C:\WINDOWS\system32hxiwlgpm.dat
2008-04-16 10:19:46 4096 --a------ C:\WINDOWS\system32bdn.com
2008-04-16 10:19:35 106496 --a------ C:\WINDOWS\system32\nqjkpgjy.exe
2008-04-16 10:19:34 98304 --a------ C:\WINDOWS\rtqmekwg.exe
2008-04-16 10:19:34 106496 --a------ C:\WINDOWS\npqtsrak.exe
2008-04-16 10:19:34 253952 --a------ C:\WINDOWS\lgmxvpatkmb.dll
2008-04-16 10:19:31 36352 --a------ C:\WINDOWS\system32\tuvVOGaw.dll
2008-04-16 09:51:05 0 d-------- C:\WINDOWS\system32\NtmsData
2008-04-16 09:12:01 0 d-------- C:\Programfiler\WinPcap
2008-04-16 09:09:50 0 d-------- C:\Programfiler\WMR11
2008-04-14 09:32:26 0 d-------- C:\Programfiler\Fellesfiler\Adobe Systems Shared
2008-04-14 08:48:39 0 d-------- C:\Programfiler\Fellesfiler\Macrovision Shared
2008-04-14 00:00:59 0 d-------- C:\Programfiler\QuickPar
2008-04-13 16:51:37 0 d-------- C:\Temp
2008-04-13 15:43:30 0 d-------- C:\Programfiler\TVUPlayer
2008-04-12 17:29:02 0 d-------- C:\Programfiler\DivX
2008-04-12 17:16:02 0 d-------- C:\Programfiler\Fellesfiler\ReGet Shared
2008-04-12 17:16:01 0 d-------- C:\Programfiler\ReGet Software
2008-04-12 17:05:33 0 d-------- C:\Programfiler\Azureus
2008-04-12 16:48:27 0 d-------- C:\Programfiler\SopCast
2008-04-11 18:39:13 60 --a------ C:\WINDOWS\system32\SYSDRV.DAT
2008-04-11 18:38:50 0 d-------- C:\WINDOWS\i386
2008-04-11 15:11:49 0 d-------- C:\Programfiler\Wizards of the Coast
2008-04-11 14:18:54 16384 --a------ C:\WINDOWS\system32\FileOps.exe
2008-04-11 14:18:54 0 d-------- C:\WINDOWS\system32\Adobe
2008-04-11 14:11:34 2477 --a------ C:\WINDOWS\mozver.dat
2008-04-11 13:09:13 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-11 12:48:55 86016 --a------ C:\WINDOWS\unvise32qt.exe <Not Verified; MindVision; Installer VISE 2.8.3>
2008-04-11 12:48:47 0 d-------- C:\WINDOWS\system32\QuickTime
2008-04-11 12:48:47 0 d-------- C:\Programfiler\QuickTime
2008-04-11 12:48:39 0 d-------- C:\Programfiler\iTunes
2008-04-11 12:48:39 0 d-------- C:\Programfiler\iPod
2008-04-11 12:48:16 0 d-------- C:\WINDOWS\Downloaded Installations
2008-04-11 12:47:13 0 d-------- C:\Avid
2008-04-11 12:09:29 73728 --a------ C:\WINDOWS\system32\xmltok.dll <Not Verified; Avid Technology, Inc.; Avid MediaManager Client>
2008-04-11 12:09:29 466944 --a------ C:\WINDOWS\system32\ommclient.dll <Not Verified; Avid Technology, Inc.; Avid MediaManager Client>
2008-04-11 12:09:29 610304 --a------ C:\WINDOWS\system32\mmclientVC7.dll <Not Verified; Avid Technology, Inc.; MediaManager Client>
2008-04-11 12:09:29 1658973 --a------ C:\WINDOWS\system32\libmmd.dll
2008-04-11 12:09:29 61440 --a------ C:\WINDOWS\system32\libjpegV4.dll <Not Verified; Avid Technology, Inc.; Avid OMF Toolkit>
2008-04-11 12:09:29 40960 --a------ C:\WINDOWS\system32\INETTransportLibrary.dll <Not Verified; Avid Technology, Inc.; Avid MediaManager Client>
2008-04-11 12:09:29 614400 --a------ C:\WINDOWS\system32\AvOmfToolkit.dll <Not Verified; Avid Technology, Inc.; Avid OMF Toolkit>
2008-04-11 12:09:28 7962624 --a------ C:\WINDOWS\system32\SVI.dll <Not Verified; Pinnacle Systems Inc.; Alladin>
2008-04-11 12:09:27 0 d-------- C:\Programfiler\Fellesfiler\Digidesign
2008-04-11 12:09:26 180276 --a------ C:\WINDOWS\system32\Mspdb50.dll <Not Verified; Microsoft Corporation; Microsoft ® Visual Studio>
2008-04-11 12:09:26 0 d-------- C:\WINDOWS\system32\MEDIA
2008-04-11 12:09:26 54272 --a------ C:\WINDOWS\system32\drivers\AvidXPSerial.sys
2008-04-11 12:09:26 1323008 --a------ C:\WINDOWS\system32\AvidStartup.exe <Not Verified; ; AvidStartup>
2008-04-11 12:09:26 49152 --a------ C:\WINDOWS\system32\AvidSDMService.exe <Not Verified; Avid Technology, Inc.; Avid Technology, Inc. AvidSDMService>
2008-04-11 12:09:26 278528 --a------ C:\WINDOWS\system32\AvidSDM.dll <Not Verified; Avid Technology, Inc.; Avid Technology, Inc. AvidSDM>
2008-04-11 12:09:24 141312 --a------ C:\WINDOWS\system32\FFBTN32.dll <Not Verified; ForeFront Incorporated; ForeFront Help Buttons>
2008-04-11 12:09:24 102400 --a------ C:\WINDOWS\system32\Dac32.dll <Not Verified; CASH; Christoph Schmelnik's Digital Audio Copy for Win32>
2008-04-11 12:09:24 19968 --a------ C:\WINDOWS\system32\Cpuinf32.dll
2008-04-11 12:09:24 65536 --a------ C:\WINDOWS\system32\AvidQTUpdaterVC7.dll <Not Verified; Avid Technology, Inc.; Avid QuickTime Updater>
2008-04-11 12:09:22 143360 --a------ C:\WINDOWS\system32\WinMMFix.dll <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
2008-04-11 12:09:22 15872 --a------ C:\WINDOWS\system32\KeyFilter.dll <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
2008-04-11 12:09:22 573440 --a------ C:\WINDOWS\system32\Dsi.dll <Not Verified; Digidesign, A Division of Avid Technology, Inc.; Pro Tools®>
2008-04-11 12:08:37 45056 --a------ C:\WINDOWS\system32\wnaspi32.dll <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-11 12:08:37 25244 --a------ C:\WINDOWS\system32\drivers\aspi32.sys <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-11 12:08:37 4672 --a------ C:\WINDOWS\system\wowpost.exe <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-11 12:08:37 5600 --a------ C:\WINDOWS\system\winaspi.dll <Not Verified; Adaptec; Adaptec's ASPI Layer>
2008-04-11 12:08:37 0 d-------- C:\Programfiler\Avid
2008-04-11 12:08:26 2981888 --a------ C:\WINDOWS\system32\iplw7.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-04-11 12:08:26 2502656 --a------ C:\WINDOWS\system32\iplPX.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-04-11 12:08:26 2531328 --a------ C:\WINDOWS\system32\iplP6.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-04-11 12:08:25 2785280 --a------ C:\WINDOWS\system32\iplM6.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-04-11 12:08:25 2686976 --a------ C:\WINDOWS\system32\iplM5.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-04-11 12:08:24 2973696 --a------ C:\WINDOWS\system32\iplA6.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-04-11 12:08:24 53248 --a------ C:\WINDOWS\system32\ipl.dll <Not Verified; Intel Corporation.; Intel® Image Processing Library>
2008-04-11 12:08:24 417920 --a------ C:\WINDOWS\system32\drivers\Flamethrower.sys <Not Verified; Avid Technology, Inc.; Avid DNA>
2008-04-11 12:08:21 0 d-------- C:\Programfiler\Fellesfiler\Avid
2008-04-11 12:07:49 0 d-------- C:\Programfiler\SafeNet Sentinel
2008-04-11 12:07:49 0 d-------- C:\Programfiler\Fellesfiler\SafeNet Sentinel
2008-04-11 12:05:27 0 d-------- C:\Programfiler\AC3Filter
2008-04-11 12:05:06 0 d-------- C:\Programfiler\MSXML 6.0
2008-04-11 12:03:48 0 d-------- C:\Programfiler\VideoLAN
2008-04-11 11:32:40 0 dra------ C:\Nedlastinger
2008-04-11 11:30:09 0 d-------- C:\WINDOWS\network diagnostic
2008-04-11 11:27:39 0 d-------- C:\Programfiler\MSXML 4.0
2008-04-11 11:26:37 0 d-------- C:\Programfiler\Fellesfiler\Adobe
2008-04-11 11:25:48 0 d-------- C:\WINDOWS\system32\nb-NO
2008-04-11 11:24:52 0 d-------- C:\Programfiler\MSBuild
2008-04-11 11:23:04 0 d-------- C:\WINDOWS\Sun
2008-04-11 11:22:50 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-04-11 11:22:32 0 d-------- C:\Programfiler\Reference Assemblies
2008-04-11 11:21:49 0 d-------- C:\b4ed6d7b4fbcbb4abca49b1daa
2008-04-11 11:21:28 0 d-------- C:\Programfiler\Windows Media Connect 2
2008-04-11 11:20:36 0 d-------- C:\WINDOWS\system32\LogFiles
2008-04-11 11:20:36 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-04-11 11:02:21 0 d-------- C:\Programfiler\Microsoft Works
2008-04-11 11:01:41 0 d-------- C:\WINDOWS\SHELLNEW
2008-04-11 11:01:26 0 d-------- C:\Programfiler\Microsoft.NET
2008-04-11 10:57:27 0 d-------- C:\Zenworks
2008-04-11 10:56:49 0 d--h----- C:\NALCache
2008-04-11 10:52:03 0 d-------- C:\Programfiler\Novell
2008-04-11 10:45:58 0 d-------- C:\WINDOWS\system32\novell
2008-04-11 10:45:58 823296 -----n--- C:\WINDOWS\system32\ccsw32.dll <Not Verified; Novell, Inc.; Novell International Cryptography Infrastructure>
2008-04-11 10:45:45 0 d-------- C:\WINDOWS\system\nls
2008-04-11 10:45:41 0 d-------- C:\WINDOWS\system32\NetWare
2008-04-11 10:45:40 0 d-------- C:\Programfiler\CUAgent
2008-04-11 10:45:38 0 d-------- C:\WINDOWS\system32\nls
2008-04-11 10:44:12 0 d-------- C:\Novell
2008-04-11 10:43:57 0 d-------- C:\WINDOWS\FORMS
2008-04-11 10:43:57 0 d-------- C:\Program Files
2008-04-11 10:40:07 0 d-------- C:\WINDOWS\system32\PreInstall
2008-04-11 10:35:36 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-04-11 10:33:44 0 d-------- C:\Programfiler\Norman
2008-04-11 10:21:54 0 d-------- C:\Programfiler\WIDCOMM
2008-04-11 10:21:45 0 d-------- C:\Programfiler\Google
2008-04-11 10:21:18 0 d-------- C:\Programfiler\ProtectTools
2008-04-11 10:20:21 0 d-------- C:\WINDOWS\tiinst
2008-04-11 10:20:04 204800 --a------ C:\WINDOWS\system32\IVIresizeW7.dll
2008-04-11 10:20:04 188416 --a------ C:\WINDOWS\system32\IVIresizePX.dll
2008-04-11 10:20:04 192512 --a------ C:\WINDOWS\system32\IVIresizeP6.dll
2008-04-11 10:20:04 192512 --a------ C:\WINDOWS\system32\IVIresizeM6.dll
2008-04-11 10:20:04 200704 --a------ C:\WINDOWS\system32\IVIresizeA6.dll
2008-04-11 10:20:04 20480 --a------ C:\WINDOWS\system32\IVIresize.dll
2008-04-11 10:19:50 0 d-------- C:\Programfiler\InterVideo
2008-04-11 10:18:01 0 d-------- C:\Programfiler\AuthenTec
2008-04-11 10:16:58 0 d-------- C:\Programfiler\Snarveier til programmer
2008-04-11 10:16:27 0 d-------- C:\WINDOWS\Prefetch


-- Find3M Report ---------------------------------------------------------------

2008-04-17 08:27:12 41889 --a------ C:\WINDOWS\system32\nvModes.dat
2008-04-16 14:50:49 0 d-------- C:\Documents and Settings\Thomasv\Programdata\ReGet Software
2008-04-16 11:58:00 0 d-------- C:\Documents and Settings\Thomasv\Programdata\TmpRecentIcons
2008-04-16 09:57:37 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Azureus
2008-04-15 21:48:15 0 d-------- C:\Documents and Settings\Thomasv\Programdata\DivX
2008-04-14 10:34:30 0 d-------- C:\Documents and Settings\Thomasv\Programdata\AdobeUM
2008-04-14 09:42:09 0 d--h----- C:\Programfiler\InstallShield Installation Information
2008-04-14 09:32:26 0 d-------- C:\Programfiler\Fellesfiler
2008-04-14 09:28:48 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Adobe
2008-04-14 08:38:07 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Sonic
2008-04-13 18:22:58 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Norman
2008-04-13 15:43:52 0 d-------- C:\Documents and Settings\Thomasv\Programdata\TVU Networks
2008-04-13 15:06:36 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Talkback
2008-04-13 13:50:55 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Wizards of the Coast
2008-04-12 17:46:54 0 d-------- C:\Documents and Settings\Thomasv\Programdata\vlc
2008-04-11 18:24:18 0 d-------- C:\Programfiler\Windows NT
2008-04-11 18:24:12 0 d-------- C:\Programfiler\Synaptics
2008-04-11 18:23:18 0 d-------- C:\Programfiler\Sonic
2008-04-11 18:23:02 0 d-------- C:\Programfiler\MSN Gaming Zone
2008-04-11 18:23:02 0 d-------- C:\Programfiler\Movie Maker
2008-04-11 18:23:01 0 d-------- C:\Programfiler\microsoft frontpage
2008-04-11 18:23:01 0 d-------- C:\Programfiler\Messenger
2008-04-11 18:22:33 0 d-------- C:\Programfiler\HPQ
2008-04-11 18:22:33 0 d-------- C:\Programfiler\Hp
2008-04-11 18:22:22 0 d-------- C:\Programfiler\Hewlett-Packard
2008-04-11 18:22:22 0 d-------- C:\Programfiler\Fingerprint Sensor
2008-04-11 18:22:22 0 d-------- C:\Programfiler\Fellesfiler\Tjenester
2008-04-11 18:22:22 0 d-------- C:\Programfiler\Fellesfiler\TiVo Shared
2008-04-11 18:22:03 0 d-------- C:\Programfiler\Fellesfiler\SureThing Shared
2008-04-11 18:22:02 0 d-------- C:\Programfiler\Fellesfiler\SpeechEngines
2008-04-11 18:21:59 0 d-------- C:\Programfiler\Fellesfiler\Sonic Shared
2008-04-11 18:21:59 0 d-------- C:\Programfiler\Fellesfiler\ODBC
2008-04-11 18:21:59 0 d-------- C:\Programfiler\Fellesfiler\MSSoap
2008-04-11 18:21:58 0 d-------- C:\Programfiler\Fellesfiler\LightScribe
2008-04-11 18:21:52 0 d-------- C:\Programfiler\Fellesfiler\Java
2008-04-11 18:21:50 0 d-------- C:\Programfiler\Fellesfiler\InstallShield
2008-04-11 18:21:50 0 d-------- C:\Programfiler\Elektroniske tjenester
2008-04-11 18:21:50 0 d-------- C:\Programfiler\CONEXANT
2008-04-11 18:21:50 0 d-------- C:\Programfiler\Analog Devices
2008-04-11 18:19:46 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Identities
2008-04-11 15:25:15 454974 --a------ C:\WINDOWS\system32\perfh014.dat
2008-04-11 15:25:15 83406 --a------ C:\WINDOWS\system32\perfc014.dat
2008-04-11 15:11:41 0 d-------- C:\Documents and Settings\Thomasv\Programdata\InstallShield
2008-04-11 13:09:09 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Mozilla
2008-04-11 12:48:59 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Apple Computer
2008-04-11 11:23:03 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Sun
2008-04-11 11:22:40 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Macromedia
2008-04-11 11:20:24 0 d-------- C:\Programfiler\Windows Media Connect
2008-04-11 10:56:56 0 d-------- C:\Documents and Settings\Thomasv\Programdata\Infineon
2008-04-11 10:41:22 0 d-------- C:\Programfiler\Java
2008-04-11 10:29:22 0 d-------- C:\Programfiler\Fellesfiler\Symantec Shared
2008-03-19 14:00:00 1630208 --a------ C:\WINDOWS\system32\nwiz.exe
2008-03-19 14:00:00 1019904 --a------ C:\WINDOWS\system32\nvwimg.dll
2008-03-19 14:00:00 1703936 --a------ C:\WINDOWS\system32\nvwdmcpl.dll
2008-03-19 14:00:00 466944 --a------ C:\WINDOWS\system32\nvshell.dll
2008-03-19 14:00:00 1486848 --a------ C:\WINDOWS\system32\nview.dll
2008-03-19 14:00:00 1339392 --a------ C:\WINDOWS\system32\nvdspsch.exe
2008-03-19 14:00:00 442368 --a------ C:\WINDOWS\system32\nvappbar.exe
2008-03-19 14:00:00 425984 --a------ C:\WINDOWS\system32\keystone.exe


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3AEF888-A3E2-44EB-BD85-F0C85BA7673F}]
16.04.2008 10:19 36352 --a------ C:\WINDOWS\system32\tuvVOGaw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06.09.2006 22:47]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [06.09.2006 22:47]
"nwiz"="nwiz.exe" [19.03.2008 14:00 C:\WINDOWS\system32\nwiz.exe]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"SoundMAX"="C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe" [06.05.2005 15:06]
"AccelerometerSysTrayApplet"="C:\WINDOWS\system32\AccelerometerSt.exe" [16.01.2006 22:01]
"SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [22.02.2008 04:25]
"PTHOSTTR"="C:\Programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [14.02.2006 11:56]
"HP Software Update"="C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe" [16.02.2005 23:11]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [06.04.2006 05:20]
"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [15.09.2007 02:27]
"hpWirelessAssistant"="C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [14.02.2006 10:49]
"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [22.12.2003 20:12]
"QlbCtrl"="C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [08.05.2006 09:56]
"Cpqset"="C:\Programfiler\HPQ\Default Settings\cpqset.exe" [22.02.2006 08:03]
"Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [20.12.2005 16:51]
"Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [09.03.2006 17:38]
"Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [15.02.2006 17:43]
"WatchDog"="C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe" [08.11.2005 11:59]
"Norman ZANDA"="C:\Programfiler\Norman\Npm\bin\ZLH.exe" [09.08.2007 14:40]
"NDPS"="C:\WINDOWS\system32\dpmw32.exe" [17.05.2004 14:27]
"ZENRC Tray Icon"="C:\WINDOWS\system32\zentray.exe" [18.05.2005 17:04]
"NWTRAY"="NWTRAY.EXE" [12.03.2002 11:37 C:\WINDOWS\system32\nwtray.exe]
"iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [24.06.2005 15:16]
"QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [11.04.2008 12:48]
"Acrobat Assistant 7.0"="C:\Programfiler\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe" [12.01.2006 20:52]
"@"="" []
"SynTPStart"="C:\Programfiler\Synaptics\SynTP\SynTPStart.exe" [15.09.2007 02:29]
"SoundMAXPnP"="C:\Programfiler\Analog Devices\Core\smax4pnp.exe" [05.01.2007 22:36]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [04.08.2004 10:00]
"WMPNSCFG"="C:\Programfiler\Windows Media Player\WMPNSCFG.exe" [15.11.2006 10:46]
"pcmdyvvw"="C:\WINDOWS\system32\nqjkpgjy.exe" [16.04.2008 10:19]
"AWMON"="C:\Programfiler\Norman\Norman Ad-Aware SE Professional\Ad-Watch.exe" [27.06.2005 16:49]
"SpybotSD TeaTimer"="C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe" [28.01.2008 11:43]

C:\Documents and Settings\All Users\Start-meny\Programmer\Oppstart\
Adobe Acrobat Speed Launcher.lnk - C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-100000000002}\SC_Acrobat.exe [11.04.2008 14:24:44]
Adobe Gamma.lnk - C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe [16.03.2005 19:16:50]
BTTray.lnk - C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe [15.02.2006 16:16:02]
DVD Check.lnk - C:\Programfiler\InterVideo\DVD Check\DVDCheck.exe [11.04.2008 10:19:50]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"CompatibleRUPSecurity"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\Run]
"pADsSP8oOS"=C:\Documents and Settings\All Users\Programdata\zgpgnids\zozitwrq.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"pADsSP8oOS"=C:\Documents and Settings\All Users\Programdata\zgpgnids\zozitwrq.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{763370C4-268E-4308-A60C-D8DA0342BE32}"= C:\Programfiler\Novell\ZENworks\NalShell.dll [13.02.2007 15:49 454656]
"{F3AEF888-A3E2-44EB-BD85-F0C85BA7673F}"= C:\WINDOWS\system32\tuvVOGaw.dll [16.04.2008 10:19 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"System"="ziswin.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IfxWlxEN]
IfxWlxEN.dll 19.08.2005 15:52 389120 C:\WINDOWS\system32\IfxWlxEN.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\NetIdentity Notification]
C:\WINDOWS\system32\Novell\XtNotify.dll 10.01.2007 11:52 24576 C:\WINDOWS\system32\novell\xtnotify.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OneCard]
C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll 25.07.2005 20:41 40960 C:\Programfiler\HPQ\IAM\Bin\AsWlnPkg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tuvVOGaw]
tuvVOGaw.dll 16.04.2008 10:19 36352 C:\WINDOWS\system32\tuvVOGaw.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 nwv1_0
"Notification Packages"= scecli AsWlnPkg

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Cognizance ASChannel


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480




-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8392 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-04-17 14:47:25 ------------

Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: Norwegian

CPU 0: Intel® Core™2 CPU T7400 @ 2.16GHz
CPU 1: Intel® Core™2 CPU T7400 @ 2.16GHz
Percentage of Memory in Use: 41%
Physical Memory (total/avail): 2047.36 MiB / 1194.59 MiB
Pagefile Memory (total/avail): 3938.73 MiB / 3278.43 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1916.63 MiB

C: is Fixed (NTFS) - 85.9 GiB total, 51.29 GiB free.
D: is Fixed (NTFS) - 7.25 GiB total, 0.43 GiB free.
E: is CDROM (No Media)
X: is Removable (No Media)
Y: is Removable (No Media)
Z: is Fixed (NTFS) - 232.88 GiB total, 179.39 GiB free.

\\.\PHYSICALDRIVE0 - ST910021AS - 93.16 GiB - 2 partitions
\PARTITION0 (bootable) - Installerbart filsystem - 85.9 GiB - C:
\PARTITION1 - Installerbart filsystem - 7.25 GiB - D:

\\.\PHYSICALDRIVE3 - WD 2500JB External USB Device - 232.88 GiB - 1 partition
\PARTITION0 - Installerbart filsystem - 232.88 GiB - Z:

\\.\PHYSICALDRIVE2 - WD CR HS-5-IN-1 USB Device

\\.\PHYSICALDRIVE1 - WD CR HS-CF USB Device



-- Security Center -------------------------------------------------------------

AUOptions is set to notify before install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: Norman Virus Control ver. 5.90 v5.90 (Norman ASA)

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\WINDOWS\\system32\\mqsvc.exe"="C:\\WINDOWS\\system32\\mqsvc.exe:*:Enabled:Message Queuing"
"C:\\WINDOWS\\SMINST\\Scheduler.exe"="C:\\WINDOWS\\SMINST\\Scheduler.exe:*:Enabled:Scheduler "
"C:\\Novell\\GroupWise\\grpwise.exe"="C:\\Novell\\GroupWise\\grpwise.exe:*:Enabled:Novell GroupWise"
"C:\\Novell\\GroupWise\\notify.exe"="C:\\Novell\\GroupWise\\notify.exe:*:Enabled:Novell Notify"
"C:\\WINDOWS\\system32\\dpmw32.exe"="C:\\WINDOWS\\system32\\dpmw32.exe:*:Enabled:dpmw32.exe"
"C:\\Programfiler\\Adobe\\Acrobat 6.0\\Reader\\AcroRd32.exe"="C:\\Programfiler\\Adobe\\Acrobat 6.0\\Reader\\AcroRd32.exe:*:Enabled:Adobe Reader 6.0"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Programfiler\\iTunes\\iTunes.exe"="C:\\Programfiler\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Programfiler\\SopCast\\SopCast.exe"="C:\\Programfiler\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"C:\\Programfiler\\SopCast\\adv\\SopAdver.exe"="C:\\Programfiler\\SopCast\\adv\\SopAdver.exe:*:Disabled:SopCast Adver"
"C:\\Programfiler\\Azureus\\Azureus.exe"="C:\\Programfiler\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"C:\\Programfiler\\TVUPlayer\\TVUPlayer.exe"="C:\\Programfiler\\TVUPlayer\\TVUPlayer.exe:*:Enabled:TVUPlayer Component"


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Thomasv\Programdata
CommonProgramFiles=C:\Programfiler\Fellesfiler
COMPUTERNAME=PC270461038819
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\
LOGONSERVER=\\PC270461038819
NpmLib=C:\Programfiler\Norman\Npm\Bin
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Programfiler\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Programfiler\HPQ\IAM\bin;C:\Programfiler\Norman\Npm\Bin;C:\WINDOWS\system32\nls;C:\WINDOWS\system32\nls\ENGLISH;C:\Programfiler\Novell\ZENworks\;C:\Programfiler\Fellesfiler\Avid;C:\Programfiler\Fellesfiler\Adobe\AGL
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramFiles=C:\Programfiler
PROMPT=$P$G
SESSIONNAME=Console
SonicCentral=C:\Programfiler\Fellesfiler\Sonic Shared\Sonic Central\
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Thomasv\LOKALE~1\Temp
TMP=C:\DOCUME~1\Thomasv\LOKALE~1\Temp
USERDOMAIN=PC270461038819
USERNAME=Thomasv
USERPROFILE=C:\Documents and Settings\Thomasv
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Thomasv (admin)
Administrator (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Programfiler\DivX\DivXConverterUninstall.exe /CONVERTER
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {075473F5-846A-448B-BCB3-104AA1760205}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {AB708C9B-97C8-4AC9-899B-DBF226AC9382}
--> C:\WINDOWS\system32\\MSIEXEC.EXE /x {B12665F4-4E93-4AB4-B7FC-37053B524629}
--> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
--> msiexec /I {B2F5D08C-7E79-4FCD-AAF4-57AD35FF0601}
--> msiexec /I{7F4C8163-F259-49A0-A018-2857A90578BC}
--> MsiExec.exe /I{26DE0F0B-9CF1-4796-A1B5-01B912E35B46}
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
AC3Filter (remove only) --> C:\Programfiler\AC3Filter\uninstall.exe
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Creative Suite 2 --> C:\PROGRA~1\INSTAL~1\{0134A~1\setup.exe /relaunched/rootloc=e:\adobe creative suite 2.0/lang=0809
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe FrameMaker 8 --> MsiExec.exe /I{7B4CA480-7321-4AD4-BED1-F7177671C37E}
Adobe FrameMaker 8 p266 Patcher --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{7D8FC519-3BAC-4541-8D72-D64A9F0F5760}\Setup.exe" -l0x9
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Reader 6.0.1 - Norsk --> MsiExec.exe /I{AC76BA86-7AD7-1044-7B44-A00000000001}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe SVG Viewer 3.0 --> C:\Programfiler\Fellesfiler\Adobe\SVG Viewer 3.0\Uninstall\Winstall.exe -u -fC:\Programfiler\Fellesfiler\Adobe\SVG Viewer 3.0\Uninstall\Install.log
Application Installer 4.00.B6 --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{E0DBC47C-ED3F-4A1B-A929-9A26DAAA14B3}\setup.exe" -l0x14
Avid DIO Runtime --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{0887F932-C0DE-4201-B43D-D186F9A2C195}\SETUP.exe" -l0x9 -removeonly
Avid Xpress Pro HD --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{A537CF6D-E8FF-4A75-A03D-29494C326603}\setup.exe" -l0x9 -removeonly
Azureus --> C:\Programfiler\Azureus\Uninstall.exe
CCleaner (remove only) --> "C:\Programfiler\CCleaner\uninst.exe"
Compatibility Pack for 2007 Office --> MsiExec.exe /X{90120000-0020-0414-0000-0000000FF1CE}
DivX Codec --> C:\Programfiler\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Programfiler\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Programfiler\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player --> C:\Programfiler\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player --> C:\Programfiler\DivX\DivXWebPlayerUninstall.exe /PLUGIN
GroupWise --> MsiExec.exe /I{90474A24-BE2C-4469-B3B6-BAA3E2919DF0}
HDAUDIO Soft Data Fax Modem with SmartCP --> C:\Programfiler\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA_hpq0033m\UIU32m.exe -U -Ihpq0033m.INF
HijackThis 2.0.2 --> "C:\Programfiler\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP BIOS Configuration for ProtectTools 2.00 E1 --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{AE052EF7-2640-48D7-8915-69B810D975CB}\Setup.exe" -l0x14 biosuninst
HP Credential Manager for ProtectTools --> MsiExec.exe /X{B9F4C05D-E42F-4E9A-A73F-FDD9355319FB}
HP Embedded Security for ProtectTools --> MsiExec.exe /I{2298055A-F5E6-4332-9A15-C5D99870E72F}
HP Help and Support --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{A93C4E94-1005-489D-BEAA-B873C1AA6CFC}\setup.exe" -l0x14 -removeonly
HP Integrated Module with Bluetooth wireless technology --> MsiExec.exe /X{3F4EC965-28EF-45C3-B063-04B25D4E9679}
HP Mobile Data Protection System --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{75ECB75A-522C-4312-8DE7-597CDA9D96A3}\setup.exe" -l0x14 UNINSTALL
HP Notebook Accessories Product Tour --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{A7AD8CEF-72D7-4FE4-8A14-DDD09DC86074}\setup.exe" -l0x9 -removeonly
HP Performance Tuning Framework --> MsiExec.exe /I{238C9494-4E09-4517-8C84-09D892F337C8}
HP ProtectTools Security Manager 2.00 C3 --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{914E1AB1-DCA0-4A7D-935F-B58C4B887A2B}\Setup.exe" -l0x14 -removeonly hpquninst
HP Quick Launch Buttons 6.00 H1 --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe" -l0x14 -removeonly uninst
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP User Guides 0013 --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{1F89F212-2052-414A-8B7E-D8604C431BDF}\setup.exe" -l0x14 -removeonly
HP Wireless Assistant 2.00 E1 --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{4302B2DD-D958-40E3-BAF3-B07FFE1978CE}\setup.exe" -l0x14 hpquninst
Hurtigreparasjon for Windows XP (KB896256) --> "C:\WINDOWS\$NtUninstallKB896256$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows XP (KB909095) --> "C:\WINDOWS\$NtUninstallKB909095$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows XP (KB910728) --> "C:\WINDOWS\$NtUninstallKB910728$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows XP (KB912436) --> "C:\WINDOWS\$NtUninstallKB912436$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows XP (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows XP (KB915326) --> "C:\WINDOWS\$NtUninstallKB915326$\spuninst\spuninst.exe"
Hurtigreparasjon for Windows XP (KB918005) --> "C:\WINDOWS\$NtUninstallKB918005$\spuninst\spuninst.exe"
Installeringsprogram for HP Backup and Recovery Manager --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}\setup.exe" -l0x14 -uninst -removeonly
InterVideo DVD Check --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
InterVideo WinDVD --> "C:\Programfiler\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes --> C:\Programfiler\Fellesfiler\InstallShield\Driver\8\Intel 32\IDriver.exe /M{47808F78-F178-49DC-B708-15FE538B16FF}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Magic Online III --> C:\Programfiler\InstallShield Installation Information\{AF7733C1-FB0B-4FED-9730-E0433AF7A2EF}\setup.exe -runfromtemp -l0x0009 -removeonly
Microsoft Base Smart Card Cryptographic Service Provider-pakke --> "C:\WINDOWS\$NtUninstallbasecsp$\spuninst\spuninst.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003 --> MsiExec.exe /I{90110414-6000-11D3-8CFE-0150048383C9}
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.14) --> C:\Programfiler\Mozilla Firefox\uninstall\helper.exe
MSXML 6.0 Parser (KB933579) --> MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
NICI (Shared) U.S./Worldwide (128 bit) (2.7.3-1) --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{F02DBC5D-33E3-45E9-B0F8-B7745229ED1C}\Setup.exe" -uninst
NMAS Challenge Response Method --> MsiExec.exe /X{B9A5A789-D491-49FB-958C-BFEC2C11BB1D}
NMAS Client --> MsiExec.exe /I{9B427732-573E-4E78-B6FA-AC3E5A218BA2}
Norman Ad-Aware SE Professional --> C:\PROGRA~1\Norman\NORMAN~1\UNWISE.EXE C:\PROGRA~1\Norman\NORMAN~1\INSTALL.LOG
Norman Virus Control --> C:\Programfiler\Norman\NVC\BIN\DelNVC5.exe
Novell Client for Windows --> %SystemRoot%\system32\rundll32 nwsetup.dll NWUninstallClient
NVIDIA Drivers --> C:\WINDOWS\system32\nvuninst.exe UninstallGUI
Oppdatering for Windows XP (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB896727) --> "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB912945) -->
Oppdatering for Windows XP (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB920342) --> "C:\WINDOWS\$NtUninstallKB920342$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB925720) --> "C:\WINDOWS\$NtUninstallKB925720$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB925876) --> "C:\WINDOWS\$NtUninstallKB925876$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB936357) --> "C:\WINDOWS\$NtUninstallKB936357$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB938828) --> "C:\WINDOWS\$NtUninstallKB938828$\spuninst\spuninst.exe"
Oppdatering for Windows XP (KB942763) --> "C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Panda ActiveScan 2.0 --> C:\Programfiler\Panda Security\ActiveScan 2.0\as2uninst.exe
QuickPar 0.9 --> C:\Programfiler\QuickPar\uninst.exe
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
ReGet Deluxe --> C:\Programfiler\ReGet Software\ReGet Deluxe 5.2\ReGetDxUninstall.exe
Sentinel Protection Installer 7.0.0 --> MsiExec.exe /I{547D4265-AF45-42E9-A62A-C58182AA35B9}
Sikkerhetsoppdatering for Windows XP (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB893066) --> "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB903235) --> "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB917537) --> "C:\WINDOWS\$NtUninstallKB917537$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB933729) --> "C:\WINDOWS\$NtUninstallKB933729$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB936021) --> "C:\WINDOWS\$NtUninstallKB936021$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB937894) --> "C:\WINDOWS\$NtUninstallKB937894$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB938127) --> "C:\WINDOWS\$NtUninstallKB938127$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB941202) --> "C:\WINDOWS\$NtUninstallKB941202$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB941568) --> "C:\WINDOWS\$NtUninstallKB941568$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB941569) --> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB941644) --> "C:\WINDOWS\$NtUninstallKB941644$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB941693) --> "C:\WINDOWS\$NtUninstallKB941693$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB943055) --> "C:\WINDOWS\$NtUninstallKB943055$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB943460) --> "C:\WINDOWS\$NtUninstallKB943460$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB943485) --> "C:\WINDOWS\$NtUninstallKB943485$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB944338) --> "C:\WINDOWS\$NtUninstallKB944338$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB944653) --> "C:\WINDOWS\$NtUninstallKB944653$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB945553) --> "C:\WINDOWS\$NtUninstallKB945553$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB946026) --> "C:\WINDOWS\$NtUninstallKB946026$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB947864) --> "C:\WINDOWS\$NtUninstallKB947864$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB948590) --> "C:\WINDOWS\$NtUninstallKB948590$\spuninst\spuninst.exe"
Sikkerhetsoppdatering for Windows XP (KB948881) --> "C:\WINDOWS\$NtUninstallKB948881$\spuninst\spuninst.exe"
Sonic Audio Module --> MsiExec.exe /I{AB708C9B-97C8-4AC9-899B-DBF226AC9382}
Sonic Copy Module --> MsiExec.exe /I{B12665F4-4E93-4AB4-B7FC-37053B524629}
Sonic Data Module --> MsiExec.exe /I{075473F5-846A-448B-BCB3-104AA1760205}
Sonic DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
Sonic Express Labeler --> MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sonic MyDVD Plus --> MsiExec.exe /I{21657574-BD54-48A2-9450-EB03B2C7FC29}
Sonic Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
SopCast 3.0.1 --> C:\Programfiler\SopCast\uninst.exe
SoundMAX --> RunDll32 C:\PROGRA~1\FELLES~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Programfiler\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\Setup.exe" -l0x14 -removeonly
Spybot - Search & Destroy --> "C:\Programfiler\Spybot - Search & Destroy\unins000.exe"
Suite Specific --> MsiExec.exe /I{C49DAA9C-5BA8-459A-8244-E57B69DF0F04}
Synaptics Pointing Device Driver --> rundll32.exe "C:\Programfiler\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Texas Instruments PCIxx21/x515/xx12 drivers. --> C:\PROGRA~1\FELLES~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{7B6CF9EB-CB2B-4A1A-81A9-BE1A9044690A} /l1033
TVUPlayer 2.3.4.1 --> C:\Programfiler\TVUPlayer\uninst.exe
VideoLAN VLC media player 0.8.6f --> C:\Programfiler\VideoLAN\VLC\uninstall.exe
Windows Imaging Component --> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe"
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format SDK Hotfix - KB891122 --> "C:\WINDOWS\$NtUninstallKB891122$\spuninst\spuninst.exe"
Windows NT Messaging --> RunDll32 setupapi.dll,InstallHinfSection Uninstall 4 MSMail.inf
Windows Presentation Foundation --> MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows Presentation Foundation Language Pack (NOR) --> MsiExec.exe /X{B0534960-A7E2-4FFD-8E27-51B4B188633F}
Windows Workflow Foundation NO Language Pack --> MsiExec.exe /I{42F46A4E-1662-473F-A210-C5BB3BD385CC}
Windows XP hurtigreparasjon - KB873333 --> C:\WINDOWS\$NtUninstallKB873333$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB873339 --> C:\WINDOWS\$NtUninstallKB873339$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB883667 --> C:\WINDOWS\$NtUninstallKB883667$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB885250 --> C:\WINDOWS\$NtUninstallKB885250$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB885464 --> C:\WINDOWS\$NtUninstallKB885464$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB885835 --> C:\WINDOWS\$NtUninstallKB885835$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB885836 --> C:\WINDOWS\$NtUninstallKB885836$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB885855 --> C:\WINDOWS\$NtUninstallKB885855$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB885884 --> C:\WINDOWS\$NtUninstallKB885884$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB886185 --> C:\WINDOWS\$NtUninstallKB886185$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB887472 --> C:\WINDOWS\$NtUninstallKB887472$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB888113 --> C:\WINDOWS\$NtUninstallKB888113$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB888239 --> C:\WINDOWS\$NtUninstallKB888239$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB888302 --> C:\WINDOWS\$NtUninstallKB888302$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB888402 --> C:\WINDOWS\$NtUninstallKB888402$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB889673 --> C:\WINDOWS\$NtUninstallKB889673$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB890859 --> "C:\WINDOWS\$NtUninstallKB890859$\spuninst\spuninst.exe"
Windows XP hurtigreparasjon - KB891781 --> C:\WINDOWS\$NtUninstallKB891781$\spuninst\spuninst.exe
Windows XP hurtigreparasjon - KB892559 --> "C:\WINDOWS\$NtUninstallKB892559$\spuninst\spuninst.exe"
WinPcap 4.0 --> C:\Programfiler\WinPcap\uninstall.exe
WinRAR Arkiverer --> C:\Programfiler\WinRAR\uninstall.exe
WM Recorder 12.0 --> C:\Programfiler\WMR11\Uninstal.exe
XML Paper Specification Shared Components Language Pack 1.0 --> "C:\WINDOWS\$NtUninstallXPSEPSCLP$\spuninst\spuninst.exe"
XML Paper Specification Shared Components Pack 1.0 -->
ZENworks Desktop Management Agent --> MsiExec.exe /I{0028ED8D-E938-4B81-B636-F20B3207086F}


-- Application Event Log -------------------------------------------------------

Event Record #/Type611 / Error
Event Submitted/Written: 04/17/2008 00:50:59 PM
Event ID/Source: 352 / IFXSPMGT
Event Description:
The Upgrade Tool returned an error.

Event Record #/Type601 / Error
Event Submitted/Written: 04/17/2008 08:25:11 AM
Event ID/Source: 352 / IFXSPMGT
Event Description:
The Upgrade Tool returned an error.

Event Record #/Type590 / Error
Event Submitted/Written: 04/16/2008 07:39:22 PM
Event ID/Source: 352 / IFXSPMGT
Event Description:
The Upgrade Tool returned an error.

Event Record #/Type583 / Error
Event Submitted/Written: 04/16/2008 06:36:05 PM
Event ID/Source: 352 / IFXSPMGT
Event Description:
The Upgrade Tool returned an error.

Event Record #/Type576 / Error
Event Submitted/Written: 04/16/2008 03:12:15 PM
Event ID/Source: 352 / IFXSPMGT
Event Description:
The Upgrade Tool returned an error.



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type1903 / Warning
Event Submitted/Written: 04/17/2008 00:47:46 PM / 04/17/2008 00:48:14 PM
Event ID/Source: 4 / b57w2k
Event Description:
Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

Event Record #/Type1894 / Error
Event Submitted/Written: 04/17/2008 00:48:10 PM
Event ID/Source: 7034 / Service Control Manager
Event Description:
Tjenesten Avid Startup stoppet uventet. Dette har skjedd 1 gang(er).

Event Record #/Type1881 / Warning
Event Submitted/Written: 04/17/2008 00:46:20 PM
Event ID/Source: 4 / b57w2k
Event Description:
Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

Event Record #/Type1877 / Warning
Event Submitted/Written: 04/17/2008 08:59:40 AM
Event ID/Source: 4 / b57w2k
Event Description:
Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.

Event Record #/Type1875 / Warning
Event Submitted/Written: 04/17/2008 08:33:49 AM
Event ID/Source: 4 / b57w2k
Event Description:
Broadcom NetXtreme Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.



-- End of Deckard's System Scanner: finished at 2008-04-17 14:47:25 ------------

Hi, Wellcome to Bleeping Computer Forums!

You might want to save this page on your favorites, so you can find it again when you return.


Please take note of the following:

• I will be handling your log and helping you, please do not make any system changes yet.
• The process is not instant. Please continue to review my answers until I tell you that your computer is clean. Be patience.
• The fixes are specific to your problem and should only be used for this issue on this machine
• If there's anything that you don't understand, please ask your question(s) before proceeding with the fixes.
• Please reply to this thread. Do not start a new topic.

Please give me some time to look over your log and I will get back to you as soon as possible.

Hello and thanks for your patient.

# Step 1 #

Your log(s) show that you are using so called peer-to-peer or file-sharing programmes (in your case Azureus).
These programmes allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and
you are putting yourself at risk of being indicted through organisations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Open Office."



# Step 2 #

Your log also show that you have two resident spyware protection running on your computer, specifically Ad-Watch.exe from Ad-Aware SE Professional and TeaTimer.exe from Spybot - Search & Destroy
I do not recommend that you have more than one running on your computer at a time. In general terms, the two programs may conflict between itself.

So please disable one of these residents, either Ad-Watch.exe or TeaTimer.exe


# Step 3 #

Download ComboFix from Here or Here to your Desktop.
Read first: "How to download and use ComboFix"
If you downloaded ComboFix previously, delete that version and download it again as the tool is frequently updated!

• Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.

• Double click combofix.exe and follow the prompts.
• When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
• Be sure to re-enable your anti-virus and other security programs, after ComboFix finished.

Note: Do not mouseclick combofix's window while its running. That may cause it to stall.

Extra-Note: Please, DO NOT use ComboFix on your own. It is a very powerful tool designed to deal with sophisticated infections and if something goes wrong or you use it incorrectly, you could possibly lose the use of your computer. It is ONLY meant to be used under the direct supervision of a malware removal specialist. Please read Combofix's Disclaimer

Thanks for the help. Ran ComboFix and HJT. Here are the logs:

ComboFix 08-04-17.1 - Thomasv 2008-04-18 11:17:27.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1044.18.1226 [GMT 2:00]
Running from: C:\Documents and Settings\Thomasv\Skrivebord\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Thomasv\Skrivebordblackbird.jpg
C:\Documents and Settings\Thomasv\SkrivebordEditorFKWP1.5.exe
C:\Documents and Settings\Thomasv\SkrivebordEditorFKWP2.0.exe
C:\Documents and Settings\Thomasv\Skrivebordfilemanagerclient.exe
C:\Documents and Settings\Thomasv\Skrivebordfkwp1.5.exe
C:\Documents and Settings\Thomasv\Skrivebordfkwp2.0.exe
C:\Documents and Settings\Thomasv\Skrivebordfwebd.exe
C:\Documents and Settings\Thomasv\SkrivebordFWebdEditor.exe
C:\Documents and Settings\Thomasv\SkrivebordTrojan.Win32.BlackBird.exe
C:\Documents and Settings\Thomasv\Skrivebordvirii
C:\WINDOWS\system32\media
C:\WINDOWS\system32\media\AvidRender.wav
C:\WINDOWS\system32\tuvVOGaw.dll
C:\WINDOWS\system32bdn.com
C:\WINDOWS\system32hxiwlgpm.dat
C:\WINDOWS\system32ssvchost.com
C:\WINDOWS\system32taack.dat
C:\WINDOWS\system32VBIEWER.OCX

.
((((((((((((((((((((((((( Files Created from 2008-03-18 to 2008-04-18 )))))))))))))))))))))))))))))))
.

2008-04-18 11:20 . 2008-04-18 11:20 114,688 --a------ C:\WINDOWS\system32\chg.exe
2008-04-18 09:15 . 2008-04-18 09:15 <DIR> d-------- C:\Programfiler\Any Audio Converter
2008-04-18 09:08 . 2008-04-18 09:25 <DIR> d-------- C:\Programfiler\AUAU Audio Converter
2008-04-18 09:08 . 2008-04-18 09:08 34 --ah----- C:\WINDOWS\system32\VideoConverter_sysquict.dat
2008-04-18 09:04 . 2008-04-18 09:04 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\TEMP
2008-04-17 15:03 . 2008-04-18 10:41 <DIR> d-------- C:\Programfiler\Mozilla Thunderbird
2008-04-17 15:03 . 2008-04-17 15:03 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\Thunderbird
2008-04-17 14:44 . 2008-04-17 14:44 <DIR> d-------- C:\Deckard
2008-04-16 19:37 . 2008-04-18 10:40 <DIR> dr-h----- C:\Documents and Settings\Thomasv\Siste
2008-04-16 19:05 . 2008-04-16 19:05 <DIR> d-------- C:\Programfiler\Trend Micro
2008-04-16 19:01 . 2008-04-16 19:01 <DIR> d-------- C:\Programfiler\CCleaner
2008-04-16 15:08 . 2008-04-16 15:08 5,668 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-16 14:55 . 2008-04-16 14:56 <DIR> d-------- C:\Programfiler\Panda Security
2008-04-16 11:58 . 2008-04-16 11:58 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\TmpRecentIcons
2008-04-16 10:19 . 2008-04-16 15:12 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\zgpgnids
2008-04-16 10:19 . 2008-04-15 20:07 253,952 --a------ C:\WINDOWS\lgmxvpatkmb.dll
2008-04-16 10:19 . 2008-04-16 10:19 106,496 --a------ C:\WINDOWS\system32\nqjkpgjy.exe
2008-04-16 10:19 . 2008-04-15 20:07 106,496 --a------ C:\WINDOWS\npqtsrak.exe
2008-04-16 10:19 . 2008-04-15 20:07 98,304 --a------ C:\WINDOWS\rtqmekwg.exe
2008-04-16 09:51 . 2008-04-16 09:51 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2008-04-16 09:12 . 2008-04-16 09:12 <DIR> d-------- C:\Programfiler\WinPcap
2008-04-16 09:09 . 2008-04-16 09:22 <DIR> d-------- C:\Programfiler\WMR11
2008-04-14 09:32 . 2008-04-14 09:32 <DIR> d-------- C:\Programfiler\Fellesfiler\Adobe Systems Shared
2008-04-14 08:49 . 2008-04-14 08:49 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\FLEXnet
2008-04-14 08:48 . 2008-04-14 08:48 <DIR> d-------- C:\Programfiler\Fellesfiler\Macrovision Shared
2008-04-14 08:38 . 2008-04-14 08:38 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\Sonic
2008-04-14 00:00 . 2008-04-14 00:00 <DIR> d-------- C:\Programfiler\QuickPar
2008-04-13 18:22 . 2008-04-13 18:22 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\Norman
2008-04-13 16:51 . 2008-04-13 16:51 <DIR> d-------- C:\Temp\MTGOInstall
2008-04-13 16:51 . 2008-04-13 16:51 <DIR> d-------- C:\Temp
2008-04-13 16:51 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-04-13 15:43 . 2008-04-13 15:44 <DIR> d-------- C:\Programfiler\TVUPlayer
2008-04-13 15:43 . 2008-04-13 15:43 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\TVU Networks
2008-04-13 15:06 . 2008-04-13 15:06 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\Talkback
2008-04-13 12:29 . 2008-04-13 12:29 5,365 --a------ C:\WT61NO.UWL
2008-04-12 21:55 . 2008-04-12 21:55 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\NVIDIA
2008-04-12 20:01 . 2008-04-15 21:48 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\DivX
2008-04-12 17:29 . 2008-04-12 17:29 <DIR> d-------- C:\Programfiler\DivX
2008-04-12 17:29 . 2007-11-30 00:30 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2008-04-12 17:16 . 2008-04-12 17:17 <DIR> d-------- C:\Programfiler\ReGet Software
2008-04-12 17:16 . 2008-04-12 21:53 <DIR> d-------- C:\Programfiler\Fellesfiler\ReGet Shared
2008-04-12 17:16 . 2008-04-18 09:15 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\ReGet Software
2008-04-12 17:16 . 2008-04-12 17:16 57 --a------ C:\WINDOWS\english.lng
2008-04-12 17:05 . 2008-04-12 17:05 <DIR> d-------- C:\Programfiler\Azureus
2008-04-12 17:05 . 2008-04-18 10:58 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\Azureus
2008-04-12 16:48 . 2008-04-12 16:52 <DIR> d-------- C:\Programfiler\SopCast
2008-04-12 16:32 . 2008-04-12 16:32 <DIR> d-------- C:\Documents and Settings\Thomasv\Bluetooth Software
2008-04-11 18:39 . 2008-04-11 18:39 60 --a------ C:\WINDOWS\system32\SYSDRV.DAT
2008-04-11 18:38 . 2008-04-11 18:38 <DIR> d-------- C:\WINDOWS\i386
2008-04-11 15:12 . 2008-04-13 13:50 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\Wizards of the Coast
2008-04-11 15:12 . 2008-04-12 17:46 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\vlc
2008-04-11 15:11 . 2008-04-13 16:48 <DIR> d-------- C:\Programfiler\Wizards of the Coast
2008-04-11 15:11 . 2008-04-11 15:11 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\InstallShield
2008-04-11 14:18 . 2008-04-11 14:18 <DIR> d-------- C:\WINDOWS\system32\Adobe
2008-04-11 14:18 . 2004-08-17 02:40 16,384 --a------ C:\WINDOWS\system32\FileOps.exe
2008-04-11 14:11 . 2008-04-16 14:55 2,477 --a------ C:\WINDOWS\mozver.dat
2008-04-11 14:07 . 2008-04-18 11:15 86 --a------ C:\WINDOWS\WPCMAPI.INI
2008-04-11 13:09 . 2008-04-11 13:09 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-11 12:48 . 2008-04-11 12:48 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2008-04-11 12:48 . 2008-04-11 12:48 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2008-04-11 12:48 . 2008-04-11 12:48 <DIR> d-------- C:\Programfiler\QuickTime
2008-04-11 12:48 . 2008-04-11 12:48 <DIR> d-------- C:\Programfiler\iTunes
2008-04-11 12:48 . 2008-04-11 12:48 <DIR> d-------- C:\Programfiler\iPod
2008-04-11 12:48 . 2008-04-11 12:48 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\Apple Computer
2008-04-11 12:48 . 2008-04-11 12:48 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\QuickTime
2008-04-11 12:48 . 2008-04-11 12:48 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Apple Computer
2008-04-11 12:48 . 1999-11-10 12:05 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2008-04-11 12:47 . 2008-04-11 13:14 <DIR> d-------- C:\Avid
2008-04-11 12:46 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-04-11 12:46 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-04-11 12:09 . 2008-04-11 12:09 <DIR> d-------- C:\Programfiler\Fellesfiler\Digidesign
2008-04-11 12:08 . 2008-04-11 12:08 <DIR> d-------- C:\Programfiler\Fellesfiler\Avid
2008-04-11 12:08 . 2008-04-11 12:09 <DIR> d-------- C:\Programfiler\Avid
2008-04-11 12:08 . 2001-03-23 19:32 2,981,888 --a------ C:\WINDOWS\system32\iplw7.dll
2008-04-11 12:07 . 2008-04-11 12:07 <DIR> d-------- C:\Programfiler\SafeNet Sentinel
2008-04-11 12:07 . 2008-04-11 12:07 <DIR> d-------- C:\Programfiler\Fellesfiler\SafeNet Sentinel
2008-04-11 12:05 . 2008-04-11 12:05 <DIR> d-------- C:\Programfiler\MSXML 6.0
2008-04-11 12:05 . 2008-04-11 12:05 <DIR> d-------- C:\Programfiler\AC3Filter
2008-04-11 12:05 . 2007-08-18 09:54 380,928 --a------ C:\WINDOWS\system32\ac3filter.acm
2008-04-11 12:03 . 2008-04-11 12:03 <DIR> d-------- C:\Programfiler\VideoLAN
2008-04-11 11:27 . 2008-04-11 11:27 <DIR> d-------- C:\Programfiler\MSXML 4.0
2008-04-11 11:26 . 2008-04-14 09:32 <DIR> d-------- C:\Programfiler\Fellesfiler\Adobe
2008-04-11 11:26 . 2008-04-14 10:34 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\AdobeUM
2008-04-11 11:25 . 2008-04-11 15:23 <DIR> d-------- C:\WINDOWS\system32\nb-NO
2008-04-11 11:24 . 2008-04-11 11:24 <DIR> d-------- C:\Programfiler\MSBuild
2008-04-11 11:23 . 2008-04-11 11:23 <DIR> d-------- C:\WINDOWS\Sun
2008-04-11 11:22 . 2008-04-11 12:07 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2008-04-11 11:22 . 2008-04-11 11:22 <DIR> d-------- C:\Programfiler\Reference Assemblies
2008-04-11 11:22 . 2006-06-29 13:07 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2008-04-11 11:21 . 2008-04-11 11:21 <DIR> d-------- C:\Programfiler\Windows Media Connect 2
2008-04-11 11:21 . 2008-04-11 11:21 <DIR> d-------- C:\b4ed6d7b4fbcbb4abca49b1daa
2008-04-11 11:21 . 2006-10-04 16:06 1,197,294 --------- C:\WINDOWS\system32\dllcache\sysmain.sdb
2008-04-11 11:21 . 2006-10-04 16:06 764,868 --------- C:\WINDOWS\system32\dllcache\apph_sp.sdb
2008-04-11 11:21 . 2006-10-04 16:06 217,118 --------- C:\WINDOWS\system32\dllcache\apphelp.sdb
2008-04-11 11:20 . 2008-04-12 17:56 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2008-04-11 11:20 . 2008-04-11 11:20 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-04-11 11:18 . 2006-08-21 11:14 128,896 --------- C:\WINDOWS\system32\dllcache\fltmgr.sys
2008-04-11 11:18 . 2006-08-21 11:14 23,040 --------- C:\WINDOWS\system32\dllcache\fltmc.exe
2008-04-11 11:18 . 2006-08-21 14:28 16,896 --------- C:\WINDOWS\system32\dllcache\fltlib.dll
2008-04-11 11:12 . 2007-07-09 15:11 584,192 --------- C:\WINDOWS\system32\dllcache\rpcrt4.dll
2008-04-11 11:07 . 2008-04-11 11:07 <DIR> d--hs---- C:\Documents and Settings\Thomasv\UserData
2008-04-11 11:05 . 2004-03-22 15:17 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2008-04-11 11:05 . 2008-04-11 11:05 382 --a------ C:\WINDOWS\ODBC.INI
2008-04-11 11:02 . 2008-04-11 11:02 <DIR> d-------- C:\Programfiler\Microsoft Works
2008-04-11 11:01 . 2008-04-11 11:04 <DIR> d-------- C:\WINDOWS\SHELLNEW
2008-04-11 11:01 . 2008-04-11 11:01 <DIR> d-------- C:\Programfiler\Microsoft.NET
2008-04-11 10:59 . 2008-04-11 10:59 153,284 --a------ C:\WINDOWS\hifm.bmp
2008-04-11 10:57 . 2008-04-18 11:21 <DIR> d-------- C:\Zenworks
2008-04-11 10:56 . 2008-04-18 11:21 <DIR> d--h----- C:\NALCache
2008-04-11 10:56 . 2008-04-14 09:12 <DIR> dr------- C:\Documents and Settings\Thomasv\Start-meny
2008-04-11 10:56 . 2006-09-27 07:09 <DIR> d--h----- C:\Documents and Settings\Thomasv\Skrivere
2008-04-11 10:56 . 2008-04-18 11:06 <DIR> d-------- C:\Documents and Settings\Thomasv\Skrivebord
2008-04-11 10:56 . 2006-09-27 07:09 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\SampleView
2008-04-11 10:56 . 2008-04-11 10:56 <DIR> d-------- C:\Documents and Settings\Thomasv\Programdata\Infineon
2008-04-11 10:56 . 2008-04-17 15:03 <DIR> dr-h----- C:\Documents and Settings\Thomasv\Programdata
2008-04-11 10:56 . 2008-04-18 10:49 <DIR> dr------- C:\Documents and Settings\Thomasv\Mine dokumenter
2008-04-11 10:56 . 2008-04-11 18:19 <DIR> d--h----- C:\Documents and Settings\Thomasv\Maler
2008-04-11 10:56 . 2008-04-11 18:19 <DIR> d--h----- C:\Documents and Settings\Thomasv\Lokale innstillinger
2008-04-11 10:56 . 2008-04-16 13:04 <DIR> dr------- C:\Documents and Settings\Thomasv\Favoritter
2008-04-11 10:56 . 2008-04-15 10:47 <DIR> d--h----- C:\Documents and Settings\Thomasv\AndrMask
2008-04-11 10:56 . 2008-04-18 11:19 <DIR> d-------- C:\Documents and Settings\Thomasv
2008-04-11 10:56 . 2008-04-18 11:22 323,584 --ah----- C:\Documents and Settings\Thomasv\ntuser.dat.LOG
2008-04-11 10:52 . 2008-04-11 10:52 <DIR> d-------- C:\Programfiler\Spybot - Search & Destroy
2008-04-11 10:52 . 2008-04-11 10:52 <DIR> d-------- C:\Programfiler\Novell
2008-04-11 10:52 . 2008-04-16 10:56 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-18 09:20 0 ----a-w C:\WINDOWS\system32\drivers\WFTDriverLog.txt
2008-04-18 07:26 --------- d-----w C:\Programfiler\Java
2008-04-14 07:42 --------- d--h--w C:\Programfiler\InstallShield Installation Information
2008-04-11 16:24 --------- d-----w C:\Programfiler\Synaptics
2008-04-11 16:23 --------- d-----w C:\Programfiler\Sonic
2008-04-11 16:23 --------- d-----w C:\Programfiler\microsoft frontpage
2008-04-11 16:22 --------- d-----w C:\Programfiler\HPQ
2008-04-11 16:22 --------- d-----w C:\Programfiler\Hp
2008-04-11 16:22 --------- d-----w C:\Programfiler\Hewlett-Packard
2008-04-11 16:22 --------- d-----w C:\Programfiler\Fingerprint Sensor
2008-04-11 16:22 --------- d-----w C:\Programfiler\Fellesfiler\Tjenester
2008-04-11 16:22 --------- d-----w C:\Programfiler\Fellesfiler\TiVo Shared
2008-04-11 16:22 --------- d-----w C:\Programfiler\Fellesfiler\SureThing Shared
2008-04-11 16:21 --------- d-----w C:\Programfiler\Fellesfiler\Sonic Shared
2008-04-11 16:21 --------- d-----w C:\Programfiler\Fellesfiler\LightScribe
2008-04-11 16:21 --------- d-----w C:\Programfiler\Fellesfiler\Java
2008-04-11 16:21 --------- d-----w C:\Programfiler\Fellesfiler\InstallShield
2008-04-11 16:21 --------- d-----w C:\Programfiler\Elektroniske tjenester
2008-04-11 16:21 --------- d-----w C:\Programfiler\CONEXANT
2008-04-11 16:21 --------- d-----w C:\Programfiler\Analog Devices
2008-04-11 16:19 --------- d-----w C:\Documents and Settings\All Users\Programdata\InstallShield
2008-04-11 16:19 --------- d-----w C:\Documents and Settings\All Users\Programdata\hpqLog
2008-04-11 09:20 --------- d-----w C:\Programfiler\Windows Media Connect
2008-04-11 08:29 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared
2008-04-11 08:29 --------- d-----w C:\Documents and Settings\All Users\Programdata\Symantec
2008-03-19 12:00 6,547,488 ----a-w C:\WINDOWS\system32\drivers\nv4_mini.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F3AEF888-A3E2-44EB-BD85-F0C85BA7673F}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 10:00 15360]
"WMPNSCFG"="C:\Programfiler\Windows Media Player\WMPNSCFG.exe" [2006-11-15 10:46 204288]
"pcmdyvvw"="C:\WINDOWS\system32\nqjkpgjy.exe" [2008-04-16 10:19 106496]
"AWMON"="C:\Programfiler\Norman\Norman Ad-Aware SE Professional\Ad-Watch.exe" [2005-06-27 16:49 516608]
"SpybotSD TeaTimer"="C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-03-19 14:00 13524992]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2008-03-19 14:00 86016]
"nwiz"="nwiz.exe" [2008-03-19 14:00 1630208 C:\WINDOWS\system32\nwiz.exe]
"MsmqIntCert"="regsvr32 /s mqrt.dll" []
"SoundMAX"="C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe" [2005-05-06 15:06 716800]
"AccelerometerSysTrayApplet"="C:\WINDOWS\system32\AccelerometerSt.exe" [2006-01-16 22:01 53248]
"PTHOSTTR"="C:\Programfiler\HPQ\HP ProtectTools Security Manager\PTHOSTTR.exe" [2006-02-14 11:56 122880]
"HP Software Update"="C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2006-04-06 05:20 122940]
"SynTPEnh"="C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 02:27 1015808]
"hpWirelessAssistant"="C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe" [2006-02-14 10:49 454656]
"CognizanceTS"="C:\PROGRA~1\HPQ\IAM\Bin\AsTsVcc.dll" [2003-12-22 20:12 17920]
"QlbCtrl"="C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2006-05-08 0