puter_phill Junior master
23 January 2007 - 11:45 There are 9 comments

trojan.peacomm

A thread has just been created for this one, but I was advised to open my own.

Norton AntiVirus (NAV) reports that the computer is at risk and that it is urgent. If you update with LiveUpdate, the computer says again shortly afterwards that it is at risk; if you choose "protect me now", it says that the update failed and that you must run LiveUpdate.

I have tried installing and running 'trojanhunter', but it crashes every time I run a scan!

What does 'hijackthis' do? I have seen it mentioned a couple of times.

The machine runs 'XP' (another problem is that you cannot bring up 'safe mode'; at F8 it offers the option of booting from HDD, CD drive and A:).

There will probably be some latency, since it is my friend's computer that is sick. But thanks for any answers.
ejvindh Expert
23 January 2007 - 11:51 #1
I would like to ask you for 2 logs:
(1) Download the Gmer rootkit scanner and unpack it to the desktop:
http://www.young-andersen.dk/gamer/gamer.zip
Start by renaming the program gmer.exe (e.g. to abc.exe). Run the program, click the "Rootkit" tab, and click "Scan". While the scan is running, it is important that you do not use the computer for anything else. When the scan is finished, click "Copy". A window then appears, telling you that the result of the rootkit scan has been placed on the clipboard. You can then go into this thread and paste the contents here by placing the cursor in the input field and pressing Ctrl-V.

Occasionally the Gmer log gets quite long. In that case you may need to post it here in several parts.

(2) Get OldTimer's WinPFind3 from here:
http://download.bleepingcomputer.com/oldtimer/winpfind3u.exe

Double-click the WinPFind3u file you downloaded and click Extract. The program is then unpacked into a separate folder. Go into that folder and double-click WinPFind3U.exe. Then set the checkboxes and radio buttons as follows:

Processes: Non-Microsoft
Win32 Services: Non-Microsoft
Driver Services: Non-Microsoft
Registry:  Non-Microsoft
Files Created Within: 30 Days, Non-Microsoft Only
Files Modified Within: 30 Days, Non-Microsoft Only
File String Search: Non-Microsoft

Then click "Run Scan". After some time a log file will appear, which you are welcome to paste here. The log may be so long that it does not fit in a single post. In that case you will have to post it in several parts.
puter_phill Junior master
24 January 2007 - 16:46 #2
Thanks for the response,
The day after, NAV works fine and says that there is no longer any danger to the pony on the computer! Whether it was LiveUpdate that worked after a restart, I don't know.

Thanks for your time, ejvindh. - Regards.
ejvindh Expert
24 January 2007 - 16:54 #3
Yes, many people have had that experience. Apparently it was just Norton announcing that the infection COULD show up, even though they did not yet have protection against it. So it did not necessarily mean that you HAD been infected :-)
lotteh Beginner
14 March 2007 - 20:38 #4
I have also had this trojan.peacomm. I did as you recommend here, and now the message from Norton has disappeared. Lovely..
Now I would like to mention that my computer has become very slow to start up. I clean it with ordinary spyware programs and everything else one normally does to maintain a computer. I know there are viruses that settle into startup and that ordinary programs cannot remove. How do I find out whether I have something like that in startup? And how do I get rid of them?

LotteH
lotteh Beginner
14 March 2007 - 21:03 #5
Hmm, it looks like I am getting a warning about that trojan.peacomm after all.. I can't understand it
ejvindh Expert
14 March 2007 - 21:25 #6
I recommend that you create your own thread and get a proper analysis of your computer done. The advice I managed to give here does not remove anything -- at most it makes it possible to SEE the infection. Afterwards there remains the work of removing it :-)
lotteh Beginner
14 March 2007 - 21:25 #7
GMER 1.0.12.12086 - http://www.gmer.net
Rootkit scan 2007-03-14 21:17:08
Windows 5.1.2600 Service Pack 2


---- System - GMER 1.0.12 ----

SSDT    8182BAD8                                                                                ZwConnectPort
SSDT    81AB8EB0                                                                                ZwOpenProcess
SSDT    815403C8                                                                                ZwOpenThread

---- User code sections - GMER 1.0.12 ----

.text  C:\Programmer\MSN Messenger\msnmsgr.exe[2752] kernel32.dll!SetUnhandledExceptionFilter  7C84479D 5 Bytes  JMP 004DE392 C:\Programmer\MSN Messenger\MsnMsgr.Exe

---- Devices - GMER 1.0.12 ----

Device  \FileSystem\Fastfat \Fat IRP_MJ_CREATE                                                  A1217C8A
Device  \FileSystem\Fastfat \Fat IRP_MJ_CLOSE                                                  A12147C8
Device  \FileSystem\Fastfat \Fat IRP_MJ_READ                                                    A121060A
Device  \FileSystem\Fastfat \Fat IRP_MJ_WRITE                                                  A1210AED
Device  \FileSystem\Fastfat \Fat IRP_MJ_QUERY_INFORMATION                                      A121B958
Device  \FileSystem\Fastfat \Fat IRP_MJ_SET_INFORMATION                                        A121E821
Device  \FileSystem\Fastfat \Fat IRP_MJ_QUERY_EA                                                A122738A
Device  \FileSystem\Fastfat \Fat IRP_MJ_SET_EA                                                  A1226D49
Device  \FileSystem\Fastfat \Fat IRP_MJ_FLUSH_BUFFERS                                          A1220BBE
Device  \FileSystem\Fastfat \Fat IRP_MJ_QUERY_VOLUME_INFORMATION                                A1221331
Device  \FileSystem\Fastfat \Fat IRP_MJ_SET_VOLUME_INFORMATION                                  A122F4F4
Device  \FileSystem\Fastfat \Fat IRP_MJ_DIRECTORY_CONTROL                                      A1217B37
Device  \FileSystem\Fastfat \Fat IRP_MJ_FILE_SYSTEM_CONTROL                                    A1213948
Device  \FileSystem\Fastfat \Fat IRP_MJ_DEVICE_CONTROL                                          A121D46B
Device  \FileSystem\Fastfat \Fat IRP_MJ_SHUTDOWN                                                A122E79D
Device  \FileSystem\Fastfat \Fat IRP_MJ_LOCK_CONTROL                                            A122DC4A
Device  \FileSystem\Fastfat \Fat IRP_MJ_CLEANUP                                                A12142FD
Device  \FileSystem\Fastfat \Fat IRP_MJ_PNP                                                    A122E1DB
Device  \FileSystem\Fastfat \Fat FastIoCheckIfPossible                                          A12291F9

---- EOF - GMER 1.0.12 ----

Log(1)

htmlfile [print] -> "%ProgramFiles%\Microsoft Office\Office10\msohtmed.exe" /p %1 -> Microsoft Corporation [Ver = 10.0.2609 | Size = 66976 bytes | Modified Date = 13-02-2001 09:59:26 | Attr =    ]
http [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -nohome -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
https [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -nohome -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
inffile [install] -> %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 33280 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
inffile [open] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
inffile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
inifile [open] -> %SystemRoot%\System32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
inifile [print] -> %SystemRoot%\System32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
InternetShortcut [open] -> rundll32.exe shdocvw.dll,OpenURL %l -> Microsoft Corporation [Ver = 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050) | Size = 1494528 bytes | Modified Date = 04-01-2007 14:55:32 | Attr =    ]
InternetShortcut [print] -> rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" -> Microsoft Corporation [Ver = 6.00.2900.3059 (xpsp_sp2_gdr.070104-0050) | Size = 3077632 bytes | Modified Date = 04-01-2007 14:55:20 | Attr =    ]
jsfile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
jsfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
jsfile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
jsefile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
jsefile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
jsefile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
piffile [open] -> "%1" %* ->
regfile [edit] -> %SystemRoot%\system32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
regfile [open] -> regedit.exe "%1" -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 150528 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
regfile [merge] -> Reg Data - Key not found ->
regfile [print] -> %SystemRoot%\system32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
scrfile [config] -> "%1" ->
scrfile [install] -> rundll32.exe desk.cpl,InstallScreenSaver %l -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 136192 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
scrfile [open] -> "%1" /S ->
txtfile [edit] -> Reg Data - Key not found ->
txtfile [open] -> %SystemRoot%\system32\NOTEPAD.EXE %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
txtfile [print] -> %SystemRoot%\system32\NOTEPAD.EXE /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
txtfile [printto] -> %SystemRoot%\system32\notepad.exe /pt "%1" "%2" "%3" "%4" -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
vbefile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
vbefile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
vbefile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
vbsfile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
vbsfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
vbsfile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
wsffile [edit] -> %SystemRoot%\System32\Notepad.exe %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
wsffile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
wsffile [print] -> %SystemRoot%\System32\Notepad.exe /p %1 -> Microsoft Corporation [Ver = 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) | Size = 69632 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
wshfile [open] -> %SystemRoot%\System32\WScript.exe "%1" %* -> Microsoft Corporation [Ver = 5.6.0.8820 | Size = 114688 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
Unknown [openas] -> %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 -> Microsoft Corporation [Ver = 6.00.2900.3051 (xpsp_sp2_gdr.061219-0316) | Size = 8465408 bytes | Modified Date = 19-12-2006 22:50:34 | Attr =    ]
Directory [find] -> %SystemRoot%\Explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1033216 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
Folder [open] -> %SystemRoot%\Explorer.exe /idlist,%I,%L -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1033216 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
Folder [explore] -> %SystemRoot%\Explorer.exe /e,/idlist,%I,%L -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1033216 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
Drive [find] -> %SystemRoot%\Explorer.exe -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 1033216 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
Applications\iexplore.exe [open] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" %1 -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -> "%ProgramFiles%\Internet Explorer\iexplore.exe" -> Microsoft Corporation [Ver = 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) | Size = 93184 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
< ActiveX StubPath [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\
{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} ->  ->
{22d6f312-b0f6-11d0-94ab-0080c74c7e95} ->  ->
{2C7339CF-2B09-4501-B3F3-F3508C9228ED} -> %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ->
{44BBA840-CC51-11CF-AAFA-00AA00B6015C} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ->
{44BBA842-CC51-11CF-AAFA-00AA00B6015B} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ->
{5945c046-1e7d-11d1-bc44-00c04fd912be} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ->
{6BF52A52-394A-11d3-B153-00C04F79FAA6} -> rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\wmp10.inf,PerUserStub ->
{73FA19D0-2D75-11D2-995D-00C04F98BBC9} ->  ->
{7790769C-0471-11d2-AF11-00C04FA35D02} -> "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ->
{89820200-ECBD-11cf-8B85-00AA005B4340} -> regsvr32.exe /s /n /i:U shell32.dll ->
{89820200-ECBD-11cf-8B85-00AA005B4383} -> %SystemRoot%\system32\ie4uinit.exe ->
{89B4C1CD-B018-4511-B0A1-5476DBF70820} -> C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ->
>{22d6f312-b0f6-11d0-94ab-0080c74c7e95} -> C:\WINDOWS\inf\unregmp2.exe /ShowWMP ->
>{26923b43-4d38-484f-9b9e-de460746276c} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE ->
>{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS -> RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ->
>{881dd1c5-3dcf-431b-b061-f3f88e8be88a} -> %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE ->
< WOW Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW
cmdline -> %SystemRoot%\system32\ntvdm.exe ->
wowcmdline -> %SystemRoot%\system32\ntvdm.exe -a %SystemRoot%\system32\krnl386 ->
< Session Manager Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager
BootExecute -> autocheck autochk *; ->
< SecurityProviders [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\\SecurityProviders
< Winlogon settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
*VMApplet* -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\\VMApplet ->
Control_RunDLL ->  -> File not found
< Winlogon settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
< Winlogon\Notify settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
< Policy Settings [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Ext\CLSID\\{17492023-C23A-453E-A040-C7C580BBF700} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{BDEADF00-C265-11D0-BCED-00A0C90AB50F} -> 1 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{6DFD7C5C-2451-11d3-A299-00C04F8EF6AF} -> 1073741857 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\NonEnum\\{0DF44EAA-FF21-4412-828E-260A8728E7F1} -> 32 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\dontdisplaylastusername -> 0 ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticecaption ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\legalnoticetext ->  ->
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\\shutdownwithoutlogon -> 1 ->
< Policy Settings [HKCU] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\ ->  ->
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoDriveTypeAutoRun -> 145 ->
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer not found. ->  ->
< Desktop Components > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\
0 -> [Key] ->
0 -> FriendlyName = Min aktuelle startside ->
0 -> Source = About:Home ->
0 -> SubscribedURL = About:Home ->
1 -> [Key] ->
1 -> FriendlyName = Microsoft Investor Active Desktop Ticker ->
1 -> Source = http://www.microsoft.com/windows/ie/gallery/components/ticker.htm ->
1 -> SubscribedURL = http://www.microsoft.com/windows/ie/gallery/components/ticker.htm ->
< HOSTS File > (723 bytes) -> C:\WINDOWS\System32\drivers\etc\Hosts
127.0.0.1      localhost ->  ->
< Internet Explorer Settings > ->
HKLM: Default_Page_URL -> file://C:\APPS\IE\offline\dan.htm ->
HKLM: Main\\Default_Search_URL -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKLM: Local Page -> %SystemRoot%\system32\blank.htm ->
HKLM: Search Page -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch ->
HKLM: Start Page -> http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home ->
HKLM: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKLM: SearchAssistant -> http://ie.search.msn.com/da-dk/srchasst/srchasst.htm ->
HKCU: Local Page -> C:\WINDOWS\system32\blank.htm ->
HKCU: Search Bar -> http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR ->
HKCU: Search Page -> http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR ->
HKCU: Start Page -> http://www.msn.dk/ ->
HKCU: CustomizeSearch -> http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm ->
HKCU: SearchAssistant -> http://ie.search.msn.com/da-dk/srchasst/srchasst.htm ->
HKCU: ProxyEnable -> 0 ->
< Trusted Sites > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\
msn.com [ - ] ->  ->
< BHO's > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [Adobe PDF Reader Link Helper] -> Adobe Systems Incorporated [Ver = 7.0.9.2006121800 | Size = 59032 bytes | Modified Date = 18-12-2006 04:16:42 | Attr =    ]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [SSVHelper Class] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15-12-2006 03:23:24 | Attr =    ]
{7E853D72-626A-48EC-A868-BA8D5E23E045} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
{9ECB9560-04F9-4bbc-943D-298DDF1699E1} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [CNisExtBho Class] -> Symantec Corporation [Ver = 8.0.2.5 | Size = 104048 bytes | Modified Date = 07-12-2004 12:13:44 | Attr =    ]
{BDF3E430-B101-42AD-A544-FADC6B084872} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [CNavExtBho Class] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< Internet Explorer ToolBars [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\ToolBar
{0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security] -> Symantec Corporation [Ver = 8.0.2.5 | Size = 104048 bytes | Modified Date = 07-12-2004 12:13:44 | Attr =    ]
{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< Internet Explorer ToolBars [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
WebBrowser\\{0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} [HKLM] -> %CommonProgramFiles%\Symantec Shared\AdBlocking\NISShExt.dll [Norton Internet Security] -> Symantec Corporation [Ver = 8.0.2.5 | Size = 104048 bytes | Modified Date = 07-12-2004 12:13:44 | Attr =    ]
WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} [HKLM] -> Reg Data - Key not found [Reg Data - Key not found] -> File not found
WebBrowser\\{42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Norton AntiVirus] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< Internet Explorer CmdMapping [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -> 8192 - Sun Java Console ->
{2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -> 8194 - Reg Data - Key not found ->
{FB5F1910-F110-11d2-BB9E-00C04F795683} -> 8193 - Windows Messenger ->
NextId -> 8195 ->
< Internet Explorer Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKLM] -> %ProgramFiles%\Java\jre1.5.0_11\bin\npjpi150_11.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 75528 bytes | Modified Date = 15-12-2006 03:23:26 | Attr =    ]
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} [HKCU] -> %ProgramFiles%\Java\jre1.5.0_11\bin\ssv.dll [MenuText: Sun Java Console] -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 440056 bytes | Modified Date = 15-12-2006 03:23:24 | Attr =    ]
< Internet Explorer Menu Extensions [HKCU] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\MenuExt\
E&ksporter til Microsoft Excel ->  -> File not found
< Approved Shell Extensions [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved
{00E7B358-F65B-4dcf-83DF-CD026B94BFD4} [HKLM] -> Reg Data - Key not found [Autoplay for SlideShow] -> File not found
{0DF44EAA-FF21-4412-828E-260A8728E7F1} [HKLM] -> Reg Data - Key not found [Proceslinje og menuen Start] -> File not found
{42071714-76d4-11d1-8b24-00a0c9068ff3} [HKLM] -> deskpan.dll [Kontrolpanel-udvidelse til skærmpanorering] -> File not found
{764BF0E1-F219-11ce-972D-00AA00A14F56} [HKLM] -> Reg Data - Key not found [Grænsefladeudvidelser til filkomprimering] -> File not found
{7A9D77BD-5403-11d2-8785-2E0420524153} [HKLM] -> Reg Data - Key not found [Brugerkonti] -> File not found
{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA} [HKLM] -> Reg Data - Key not found [Kontekstmenu til kryptering] -> File not found
{88895560-9AA2-1069-930E-00AA0030EBC8} [HKLM] -> %System32%\hticons.dll [HyperTerminal-ikon] -> Hilgraeve, Inc. [Ver = 5.1.2600.0 | Size = 44544 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 27-01-2007 19:53:36 | Attr =    ]
{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Find Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 27-01-2007 19:53:36 | Attr =    ]
{DEE12703-6333-4D4E-8F34-738C4DCC2E04} [HKLM] -> %SystemDrive%\APPS\RecordNow\shlext.dll [RecordNow! SendToExt] ->  [Ver = 7.0.0.0 | Size = 73728 bytes | Modified Date = 19-11-2004 06:01:00 | Attr =    ]
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} [HKLM] -> %ProgramFiles%\Real\RealPlayer\rpshell.dll [Shell Extensions for RealOne Player] -> RealNetworks, Inc. [Ver = 1.0.1.2004 | Size = 49198 bytes | Modified Date = 16-08-2005 14:00:40 | Attr =    ]
< ContextMenuHandlers - * [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\*\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 27-01-2007 19:53:36 | Attr =    ]
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< ContextMenuHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\Software\Classes\Folder\shellex\ContextMenuHandlers\
{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} [HKLM] -> %ProgramFiles%\Grisoft\AVG Free\avgse.dll [AVG7 Shell Extension] -> GRISOFT, s.r.o. [Ver = 7.5.0.409 | Size = 50688 bytes | Modified Date = 27-01-2007 19:53:36 | Attr =    ]
{5345A4D5-41EB-4A2F-9616-CE1D4F6C35B2} [HKLM] -> %ProgramFiles%\Norton Internet Security\Norton AntiVirus\NAVSHEXT.DLL [Symantec.Norton.Antivirus.IEContextMenu] -> Symantec Corporation [Ver = 11.0.16.2 | Size = 218760 bytes | Modified Date = 29-11-2005 12:34:02 | Attr =    ]
< ColumnHandlers - Folder [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\shellex\ColumnHandlers\
{F9DB5320-233E-11D1-9F84-707F02C10627} [HKLM] -> %ProgramFiles%\Adobe\Acrobat 7.0\ActiveX\pdfshell.dll [PDF Shell Extension] -> Adobe Systems, Inc. [Ver = 7.0.0.0 | Size = 110592 bytes | Modified Date = 14-12-2004 02:20:02 | Attr =    ]
< User Agent Post Platform [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform
SV1 ->  ->
< DNS Name Servers [HKLM] > -> HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Adapters\
{49075F90-F9B8-4DAD-9D78-B30D9CF3605C} ->    (Realtek RTL8139/810x Family Fast Ethernet NIC) ->
{B636E39C-6D72-4852-AEE9-C5E8B3343671} ->    () ->
< Protocol Handlers [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\
ipp -> Reg Data - Key not found -> File not found
msdaipp -> Reg Data - Key not found -> File not found
< Downloaded Program Files > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\
{2FC9A21E-2069-4E47-8235-36318989DB13} -> PPSDKActiveXScanner.MainScreen - CodeBase = http://ppupdates.ca.com/downloads/scanner/axscanner.cab ->
{8AD9C840-044E-11D1-B3E9-00805F499D93} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab ->
{B38870E4-7ECB-40DA-8C6A-595F0A5519FF} -> MsnMessengerSetupDownloadControl Class - CodeBase = http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab ->
{C81B5180-AFD1-41A3-97E1-99E8D254DB98} ->  - CodeBase = http://scanner.virus112.com/cabs/cssweb.cab ->
{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA} -> Java Plug-in 1.4.2_05 - CodeBase = http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab ->
{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_06 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab ->
{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab ->
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} -> Java Plug-in 1.5.0_11 - CodeBase = http://java.sun.com/update/1.5.0/jinstall-1_5_0_11-windows-i586.cab ->
{D8575CE3-3432-4540-88A9-85A1325D3375} -> e-Safekey - CodeBase = https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab ->
{DC765522-D5BE-49C9-AF5F-8C715A44BA28} -> MS Investor Ticker - CodeBase = http://fdl.msn.com/public/investor/v9/ticker.cab ->
Microsoft XML Parser for Java ->  - CodeBase = file://C:\WINDOWS\Java\classes\xmldso.cab ->
ppctlcab ->  - CodeBase = http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab ->


[Files - Created Within 30 days]
sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 14-03-2007 20:28:53 | Attr =  H ]
sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm ->  [Ver =  | Size = 268 bytes | Created Date = 14-03-2007 20:57:39 | Attr =  H ]
sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 14-03-2007 20:28:53 | Attr =  H ]
sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm ->  [Ver =  | Size = 244 bytes | Created Date = 14-03-2007 20:57:39 | Attr =  H ]
Ansøgning.doc -> %UserDocuments%\Ansøgning.doc ->  [Ver =  | Size = 27136 bytes | Created Date = 05-03-2007 13:52:36 | Attr =    ]
Mine delemapper.lnk -> %UserDocuments%\Mine delemapper.lnk ->  [Ver =  | Size = 613 bytes | Created Date = 03-03-2007 21:05:57 | Attr =    ]
Overfald.doc -> %UserDocuments%\Overfald.doc ->  [Ver =  | Size = 29184 bytes | Created Date = 25-02-2007 17:55:59 | Attr =    ]
The Sims 2 Nightlife.lnk -> %AllUsersDesktop%\The Sims 2 Nightlife.lnk ->  [Ver =  | Size = 1831 bytes | Created Date = 01-03-2007 20:01:14 | Attr =    ]
Windows Live Messenger.lnk -> %AllUsersDesktop%\Windows Live Messenger.lnk ->  [Ver =  | Size = 1732 bytes | Created Date = 03-03-2007 21:03:40 | Attr =    ]
gamer.zip -> %UserDesktop%\gamer.zip ->  [Ver =  | Size = 491891 bytes | Created Date = 14-03-2007 21:03:48 | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\gamer.zip:Zone.Identifier ->
sdsetup.exe -> %UserDesktop%\sdsetup.exe -> PC Tools [Ver = 4.0.0.2621 | Size = 11352928 bytes | Created Date = 14-03-2007 20:40:09 | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\sdsetup.exe:Zone.Identifier ->
sims2ep2_patch.exe -> %UserDesktop%\sims2ep2_patch.exe ->  [Ver =  | Size = 19072283 bytes | Created Date = 01-03-2007 18:54:37 | Attr =    ]
winpfind3u.exe -> %UserDesktop%\winpfind3u.exe ->  [Ver =  | Size = 344532 bytes | Created Date = 14-03-2007 21:18:53 | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->
gmer.dll -> %SystemRoot%\gmer.dll ->  [Ver = 1, 0, 12, 12086 | Size = 565311 bytes | Created Date = 13-03-2007 13:44:53 | Attr =    ]
gmer.exe -> %SystemRoot%\gmer.exe ->  [Ver = 1, 0, 12, 12086 | Size = 573440 bytes | Created Date = 13-03-2007 13:44:53 | Attr = R  ]
@Alternate Data Stream - 0 bytes -> %SystemRoot%\gmer.exe:Zone.Identifier ->
gmer.ini -> %SystemRoot%\gmer.ini ->  [Ver =  | Size = 250 bytes | Created Date = 13-03-2007 13:44:54 | Attr =    ]
gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd ->  [Ver =  | Size = 80 bytes | Created Date = 13-03-2007 13:44:53 | Attr =    ]
java.exe -> %System32%\java.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 49248 bytes | Created Date = 24-02-2007 11:43:48 | Attr =    ]
javaw.exe -> %System32%\javaw.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 53346 bytes | Created Date = 24-02-2007 11:43:49 | Attr =    ]
javaws.exe -> %System32%\javaws.exe -> Sun Microsystems, Inc. [Ver = 5.0.110.3 | Size = 127078 bytes | Created Date = 24-02-2007 11:43:49 | Attr =    ]
gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3816 | Size = 68993 bytes | Created Date = 13-03-2007 13:44:53 | Attr =    ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Created Date = 12-03-2007 17:57:46 | Attr =    ]

[Files - Modified Within 30 days]
hiberfil.sys -> %SystemDrive%\hiberfil.sys ->  [Ver =  | Size = 536399872 bytes | Modified Date = 14-03-2007 20:58:40 | Attr =  HS]
sqmdata00.sqm -> %SystemDrive%\sqmdata00.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 14-03-2007 20:28:54 | Attr =  H ]
sqmdata01.sqm -> %SystemDrive%\sqmdata01.sqm ->  [Ver =  | Size = 268 bytes | Modified Date = 14-03-2007 20:57:40 | Attr =  H ]
sqmnoopt00.sqm -> %SystemDrive%\sqmnoopt00.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 14-03-2007 20:28:54 | Attr =  H ]
sqmnoopt01.sqm -> %SystemDrive%\sqmnoopt01.sqm ->  [Ver =  | Size = 244 bytes | Modified Date = 14-03-2007 20:57:40 | Attr =  H ]
GDIPFONTCACHEV1.DAT -> %LocalAppData%\GDIPFONTCACHEV1.DAT ->  [Ver =  | Size = 93360 bytes | Modified Date = 08-03-2007 08:56:48 | Attr =    ]
IconCache.db -> %LocalAppData%\IconCache.db ->  [Ver =  | Size = 5889864 bytes | Modified Date = 14-03-2007 20:57:44 | Attr =  H ]
Ansøgning.doc -> %UserDocuments%\Ansøgning.doc ->  [Ver =  | Size = 27136 bytes | Modified Date = 05-03-2007 14:00:54 | Attr =    ]
BioFeltTerapi.pub -> %UserDocuments%\BioFeltTerapi.pub ->  [Ver =  | Size = 117760 bytes | Modified Date = 26-02-2007 16:06:04 | Attr =    ]
Mine delemapper.lnk -> %UserDocuments%\Mine delemapper.lnk ->  [Ver =  | Size = 613 bytes | Modified Date = 14-03-2007 21:00:24 | Attr =    ]
Overfald.doc -> %UserDocuments%\Overfald.doc ->  [Ver =  | Size = 29184 bytes | Modified Date = 25-02-2007 17:56:00 | Attr =    ]
The Sims 2 Nightlife.lnk -> %AllUsersDesktop%\The Sims 2 Nightlife.lnk ->  [Ver =  | Size = 1831 bytes | Modified Date = 01-03-2007 20:01:16 | Attr =    ]
Windows Live Messenger.lnk -> %AllUsersDesktop%\Windows Live Messenger.lnk ->  [Ver =  | Size = 1732 bytes | Modified Date = 03-03-2007 21:03:42 | Attr =    ]
gamer.zip -> %UserDesktop%\gamer.zip ->  [Ver =  | Size = 491891 bytes | Modified Date = 14-03-2007 21:03:58 | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\gamer.zip:Zone.Identifier ->
sdsetup.exe -> %UserDesktop%\sdsetup.exe -> PC Tools [Ver = 4.0.0.2621 | Size = 11352928 bytes | Modified Date = 14-03-2007 20:40:16 | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\sdsetup.exe:Zone.Identifier ->
sims2ep2_patch.exe -> %UserDesktop%\sims2ep2_patch.exe ->  [Ver =  | Size = 19072283 bytes | Modified Date = 01-03-2007 18:56:38 | Attr =    ]
winpfind3u.exe -> %UserDesktop%\winpfind3u.exe ->  [Ver =  | Size = 344532 bytes | Modified Date = 14-03-2007 21:21:08 | Attr =    ]
@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->
bootstat.dat -> %SystemRoot%\bootstat.dat ->  [Ver =  | Size = 2048 bytes | Modified Date = 14-03-2007 20:58:48 | Attr =  S]
gmer.dll -> %SystemRoot%\gmer.dll ->  [Ver = 1, 0, 12, 12086 | Size = 565311 bytes | Modified Date = 13-03-2007 13:44:54 | Attr =    ]
gmer.exe -> %SystemRoot%\gmer.exe ->  [Ver = 1, 0, 12, 12086 | Size = 573440 bytes | Modified Date = 07-03-2007 15:52:36 | Attr = R  ]
@Alternate Data Stream - 0 bytes -> %SystemRoot%\gmer.exe:Zone.Identifier ->
gmer.ini -> %SystemRoot%\gmer.ini ->  [Ver =  | Size = 250 bytes | Modified Date = 14-03-2007 21:04:02 | Attr =    ]
gmer_uninstall.cmd -> %SystemRoot%\gmer_uninstall.cmd ->  [Ver =  | Size = 80 bytes | Modified Date = 13-03-2007 13:44:54 | Attr =    ]
imsins.BAK -> %SystemRoot%\imsins.BAK ->  [Ver =  | Size = 1374 bytes | Modified Date = 22-02-2007 21:28:10 | Attr =    ]
wpa.dbl -> %System32%\wpa.dbl ->  [Ver =  | Size = 1158 bytes | Modified Date = 14-03-2007 20:59:52 | Attr =    ]
avg7core.sys -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.444 | Size = 775680 bytes | Modified Date = 24-02-2007 11:30:04 | Attr =    ]
avg7rsxp.sys -> %System32%\drivers\avg7rsxp.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 27776 bytes | Modified Date = 24-02-2007 11:30:06 | Attr =    ]
avgmfx86.sys -> %System32%\drivers\avgmfx86.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.442 | Size = 19392 bytes | Modified Date = 24-02-2007 11:30:04 | Attr =    ]
gmer.sys -> %System32%\drivers\gmer.sys -> GMER [Ver = 1, 0, 12, 3816 | Size = 68993 bytes | Modified Date = 13-03-2007 13:44:54 | Attr =    ]
tmcomm.sys -> %System32%\drivers\tmcomm.sys -> Trend Micro Inc. [Ver = 1.5.0.1052 | Size = 76560 bytes | Modified Date = 12-03-2007 17:56:02 | Attr =    ]

[File String Scan - Non-Microsoft Only]
@Alternate Data Stream - 118 bytes -> %AllUsersAppData%\TEMP:DFC5A2B2 ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\avg75free_432a904.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\gamer.zip:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\sdsetup.exe:Zone.Identifier ->
@Alternate Data Stream - 26 bytes -> %UserDesktop%\winpfind3u.exe:Zone.Identifier ->
@Alternate Data Stream - 0 bytes -> %SystemRoot%\gmer.exe:Zone.Identifier ->
WSUD ,  -> %System32%\ALSNDMGR.CPL -> Realtek Semiconductor Corp. [Ver = 2.2.0.44 | Size = 18726912 bytes | Modified Date = 18-05-2005 14:17:54 | Attr =    ]
PEC2 ,  -> %System32%\dfrg.msc ->  [Ver =  | Size = 41123 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
PTech ,  -> %System32%\LegitCheckControl.dll -> Microsoft Corp. [Ver = 1.5.0512.0 | Size = 550120 bytes | Modified Date = 14-02-2006 08:20:14 | Attr =    ]
winsync ,  -> %System32%\wbdbase.deu ->  [Ver =  | Size = 1309184 bytes | Modified Date = 27-08-2004 13:00:00 | Attr =    ]
UPX! , FSG! , PEC2 , aspack ,  -> %System32%\drivers\avg7core.sys -> GRISOFT, s.r.o. [Ver = 7.5.0.444 | Size = 775680 bytes | Modified Date = 24-02-2007 11:30:04 | Attr =    ]

< End of report >

Log (2)
lotteh Beginner
14 March 2007 - 21:27 #8
Now I hope I have done the right thing... I haven't tried this before.

LotteH
ejvindh Expert
15 March 2007 - 14:02 #9
That was right enough, in the sense that you followed the advice I gave puter_phill a couple of months ago. But had you followed my advice to create a separate thread, you could have gotten off somewhat more easily, since there are now handier tools for finding out whether peacomm is on the computer.

But you do not have the infection. You need (like others who have received this message) to get your Norton program updated, and then the message will disappear. If you cannot update, you must either renew your license or use another antivirus program.

As cleanup you can do the following:

Run WinPFind3U from the WinPFind3U folder again. Copy the content between the wavy lines into the white field on the right (right-click the field and choose "sæt ind"/"paste"):

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[Driver Services - Non-Microsoft Only]
YY -> (S3chipid) S3chipid [Kernel | On_Demand | Stopped] -> %SystemDrive%\DOCUME~1\Ejer\LOKALE~1\Temp\{2B43252C-A1E3-4C47-927C-9F2C276D3515}\S3chipid.sys
[Registry - Non-Microsoft Only]
< Run [HKLM] > -> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
YN -> KernelFaultCheck ->
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Then click "Run Fix" and follow the instructions that are given. That will clean things up a bit.