Loading dump 1.
Parsing dump 1.
Loading dump 2.
Parsing dump 2.
Comparing the two dumps.
Comparsion result:
CRE HKEY_CLASSES_ROOT\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}
CRE HKEY_CLASSES_ROOT\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\
CRE HKEY_CLASSES_ROOT\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\InprocServer32
CRE HKEY_CLASSES_ROOT\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\InprocServer32\
CRE HKEY_CLASSES_ROOT\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\InprocServer32\ThreadingModel
CRE HKEY_CLASSES_ROOT\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\ThreadingModel
CRE HKEY_CLASSES_ROOT\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}
CRE HKEY_CLASSES_ROOT\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32
CRE HKEY_CLASSES_ROOT\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32\
CRE HKEY_CLASSES_ROOT\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32\ThreadingModel
CRE HKEY_CURRENT_USER\ColorTable19
CRE HKEY_CURRENT_USER\ColorTable20
CRE HKEY_CURRENT_USER\Control Panel\Desktop\Pattern
CRE HKEY_CURRENT_USER\Software\Classes\CLSID
CRE HKEY_CURRENT_USER\Software\Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}
CRE HKEY_CURRENT_USER\Software\Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32
CRE HKEY_CURRENT_USER\Software\Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32\
CRE HKEY_CURRENT_USER\Software\Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32\ThreadingModel
CRE HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url10
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU\c
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\log
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\log\MRUList
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\log\a
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\log\b
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.log\OpenWithList\b
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.log
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.log\0
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.log\1
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.log\MRUListEx
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\11
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\12
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\Cebtenz\flfgrzfureybpx\qhzc_pbzcner_pbcl.ong
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CacheLimit
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CacheOptions
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CachePath
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CachePrefix
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CacheRepair
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buytraff.biz
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buytraff.biz\*
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\porn-host.org
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\porn-host.org\*
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoAddingComponents
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoComponents
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoDeletingComponents
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoEditingComponents
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoHTMLWallPaper
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktop
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System\Wallpaper
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ProductBuild
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Windows installer
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\WindowsUpdateNT
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\aupd
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\multitran
CRE HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Program\hjt\HijackThis.exe
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\InprocServer32
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\InprocServer32\
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\InprocServer32\ThreadingModel
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}\ThreadingModel
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\ATI_VER
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DownloadManager
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Desktop
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Desktop\General
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\WallpaperFileTime
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Desktop\General\WallpaperLocalFileTime
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dvd4free
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dvd4free\Asynchronous
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dvd4free\DllName
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dvd4free\Impersonate
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dvd4free\MaxWait
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dvd4free\Startup
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\dvd4free\nuk4key
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\DLLName
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\lock
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\logoff
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\logon
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\shutdown
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\startscreensaver
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\startshell
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\startup
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\stopscreensaver
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\st3\unlock
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{1B68470C-2DEF-493B-8A4A-8E2D81BE4EA5}
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{F33812FB-F35C-4674-90F6-FD757C419C51}
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buytraff.biz
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buytraff.biz\*
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\porn-host.org
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\porn-host.org\*
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\Explorer64
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices\multitran
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Explorer32
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\System
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WindowsUpdate
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WindowsUpdateNT
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\multitran
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis\DisplayIcon
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis\DisplayName
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis\DisplayVersion
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis\Publisher
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis\URLInfoAbout
CRE HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HijackThis\UninstallString
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000\Class
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000\ClassGUID
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000\ConfigFlags
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000\Control
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000\Control\*NewlyCreated*
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000\Control\ActiveService
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000\DeviceDesc
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000\Legacy
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\0000\Service
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_DVDKERNL\NextInstance
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_RASMAN\0000\Control
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_RASMAN\0000\Control\ActiveService
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TAPISRV\0000\Control
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TAPISRV\0000\Control\ActiveService
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Microsoft H.323 Telephony Service Provider
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Microsoft H.323 Telephony Service Provider\EventMessageFile
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Microsoft H.323 Telephony Service Provider\TypesSupported
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\Explorer.EXE
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\DisplayName
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\Enum
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\Enum\0
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\Enum\Count
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\Enum\NextInstance
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\ErrorControl
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\ImagePath
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\Security
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\Security\Security
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\Start
CRE HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\dvdkernl\Type
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000\Class
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000\ClassGUID
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000\ConfigFlags
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000\Control
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000\Control\*NewlyCreated*
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000\Control\ActiveService
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000\DeviceDesc
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000\Legacy
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\0000\Service
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_DVDKERNL\NextInstance
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RASMAN\0000\Control
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_RASMAN\0000\Control\ActiveService
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TAPISRV\0000\Control
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_TAPISRV\0000\Control\ActiveService
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft H.323 Telephony Service Provider
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft H.323 Telephony Service Provider\EventMessageFile
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Microsoft H.323 Telephony Service Provider\TypesSupported
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\C:\WINDOWS\Explorer.EXE
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\EnableFirewall
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\DisplayName
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\Enum
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\Enum\0
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\Enum\Count
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\Enum\NextInstance
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\ErrorControl
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\ImagePath
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\Security
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\Security\Security
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\Start
CRE HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\dvdkernl\Type
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\ColorTable19
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\ColorTable20
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Control Panel\Desktop\Pattern
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Classes\CLSID
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32\
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32\ThreadingModel
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url10
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU\c
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\log
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\log\MRUList
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\log\a
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\log\b
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.log\OpenWithList\b
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.log
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.log\0
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.log\1
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\.log\MRUListEx
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\11
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\12
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\Cebtenz\flfgrzfureybpx\qhzc_pbzcner_pbcl.ong
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CacheLimit
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CacheOptions
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CachePath
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CachePrefix
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005110720051108\CacheRepair
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buytraff.biz
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\buytraff.biz\*
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\porn-host.org
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\porn-host.org\*
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoAddingComponents
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoChangingWallpaper
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoComponents
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoDeletingComponents
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoEditingComponents
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop\NoHTMLWallPaper
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ClassicShell
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoActiveDesktop
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System\Wallpaper
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\ProductBuild
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\Windows installer
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\WindowsUpdateNT
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\aupd
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Run\multitran
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\MUICache\C:\Program\hjt\HijackThis.exe
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003_Classes\CLSID
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003_Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003_Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003_Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32\
CRE HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003_Classes\CLSID\{F33812FB-F35C-4674-90F6-FD757C419C51}\InProcServer32\ThreadingModel
CRE c:\Documents and Settings\Roger\Application Data\Install.dat
CRE c:\Documents and Settings\Roger\Cookies\roger@047[1].txt
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\1.qtdfmp
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\1213.4516
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\2.qtdfmp
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\5.qtdfmp
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\6.qtdfmp
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\7.qtdfmp
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\901597666
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\901597666\2476.tmp
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\maxdd.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\vx1.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\vx2.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\vx3.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\vx4.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\vx6.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\vxt1.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\vxt2.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\vxt3.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\vxt4.game
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temp\~DF717C.tmp
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\492F49EJ\ab[1].htm
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\492F49EJ\catar[1].htm
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\492F49EJ\targ[1].chm
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\492F49EJ\x[2].exe
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\8XMJGLIZ\ab[1].htm
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\8XMJGLIZ\ab[2].htm
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\8XMJGLIZ\r4[1].exe
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\8XMJGLIZ\win32[1].exe
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\C12FS9AV\047[1].htm
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\C12FS9AV\latest[1].exe
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\C12FS9AV\latest[2].exe
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\C12FS9AV\win32[1].exe
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\KHYB4HUB\ab[1].htm
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\KHYB4HUB\ab[1].php
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\KHYB4HUB\catar[1].htm
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\KHYB4HUB\count[1].jar
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5\MSHist012005110720051108
CRE c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5\MSHist012005110720051108\index.dat
CRE c:\Documents and Settings\Roger\Mina dokument\hijackthis2.log
CRE c:\Documents and Settings\Roger\Mina dokument\hijackthis3.log
CRE c:\Documents and Settings\Roger\Recent\hijackthis2.log.lnk
CRE c:\Documents and Settings\Roger\Recent\hijackthis3.log.lnk
CRE c:\Program Files
CRE c:\Program Files\SpySheriff
CRE c:\Program Files\SpySheriff\IESecurity.dll
CRE c:\Program Files\SpySheriff\ProcMon.dll
CRE c:\Program Files\SpySheriff\SpySheriff.dvm
CRE c:\Program Files\SpySheriff\SpySheriff.exe
CRE c:\Program Files\SpySheriff\Uninstall.exe
CRE c:\Program Files\SpySheriff\base.avd
CRE c:\Program Files\SpySheriff\base001.avd
CRE c:\Program Files\SpySheriff\base002.avd
CRE c:\Program Files\SpySheriff\found.wav
CRE c:\Program Files\SpySheriff\heur000.dll
CRE c:\Program Files\SpySheriff\heur001.dll
CRE c:\Program Files\SpySheriff\heur002.dll
CRE c:\Program Files\SpySheriff\heur003.dll
CRE c:\Program Files\SpySheriff\notfound.wav
CRE c:\Program Files\SpySheriff\removed.wav
CRE c:\Program\Ethereal\network-log-plain.txt
CRE c:\Program\Ethereal\network-log.txt
CRE c:\Program\systemsherlock\before.dat
CRE c:\Program\systemsherlock\network-log-urls.txt
CRE c:\RECYCLER\S-1-5-21-1229272821-413027322-839522115-1003\Dc111
CRE c:\WINDOWS\Downloaded Program Files\win32.exe
CRE c:\WINDOWS\Prefetch\GREP.EXE-0EA4342B.pf
CRE c:\WINDOWS\Prefetch\LATEST.EXE-0B20F8D2.pf
CRE c:\WINDOWS\Prefetch\LO-1511677629.EXE-009F3E0E.pf
CRE c:\WINDOWS\Prefetch\RUNDLL32.EXE-1E6C2BE2.pf
CRE c:\WINDOWS\Prefetch\RUNDLL32.EXE-470C1EA0.pf
CRE c:\WINDOWS\Prefetch\SPLIT1.EXE-0837BA37.pf
CRE c:\WINDOWS\Prefetch\SPLIT2.EXE-06687E70.pf
CRE c:\WINDOWS\Prefetch\SSTRAY.EXE-16483785.pf
CRE c:\WINDOWS\Prefetch\SVCHOST.EXE-0445652B.pf
CRE c:\WINDOWS\Prefetch\SYSVCS.EXE-150905C2.pf
CRE c:\WINDOWS\Prefetch\VXGAME1.EXE-19DD5B63.pf
CRE c:\WINDOWS\Prefetch\VXGAME2.EXE-3521824F.pf
CRE c:\WINDOWS\Prefetch\VXGAME3.EXE-04AA0BF1.pf
CRE c:\WINDOWS\Prefetch\VXGAME4.EXE-02DAD02A.pf
CRE c:\WINDOWS\Prefetch\VXGAMET1.EXE-07759D61.pf
CRE c:\WINDOWS\Prefetch\VXGAMET4.EXE-2121C5BC.pf
CRE c:\WINDOWS\Prefetch\VXH8JKDQ1.EXE-3523F20C.pf
CRE c:\WINDOWS\Prefetch\VXH8JKDQ2.EXE-19DAEBA6.pf
CRE c:\WINDOWS\Prefetch\VXH8JKDQ5.EXE-0ABD5328.pf
CRE c:\WINDOWS\Prefetch\VXH8JKDQ6.EXE-08A6C083.pf
CRE c:\WINDOWS\Prefetch\VXH8JKDQ7.EXE-3124CDBD.pf
CRE c:\WINDOWS\Prefetch\WIN32.EXE-305950E8.pf
CRE c:\WINDOWS\Prefetch\WINL.EXE-084BBA78.pf
CRE c:\WINDOWS\Prefetch\~UPDATE.EXE-03BEB2D6.pf
CRE c:\WINDOWS\desktop.html
CRE c:\WINDOWS\q7513093.dll
CRE c:\WINDOWS\sstray.exe
CRE c:\WINDOWS\system32\41.dl_
CRE c:\WINDOWS\system32\bin28.log
CRE c:\WINDOWS\system32\birdihuy.dll
CRE c:\WINDOWS\system32\birdihuy32.dll
CRE c:\WINDOWS\system32\chp.dll
CRE c:\WINDOWS\system32\ddr64.dll
CRE c:\WINDOWS\system32\efsdfgxg.exe
CRE c:\WINDOWS\system32\kernels32.exe
CRE c:\WINDOWS\system32\latest.exe
CRE c:\WINDOWS\system32\maxd1.exe
CRE c:\WINDOWS\system32\split1.exe
CRE c:\WINDOWS\system32\split2.exe
CRE c:\WINDOWS\system32\sysvcs.exe
CRE c:\WINDOWS\system32\vx.tll
CRE c:\WINDOWS\system32\vxgame1.exe
CRE c:\WINDOWS\system32\vxgame2.exe
CRE c:\WINDOWS\system32\vxgame3.exe
CRE c:\WINDOWS\system32\vxgamet1.exe
CRE c:\WINDOWS\system32\vxgamet2.exe
CRE c:\WINDOWS\system32\vxgamet3.exe
CRE c:\WINDOWS\system32\vxgamet4.exe
CRE c:\WINDOWS\system32\vxh8jkdq1.exe
CRE c:\WINDOWS\system32\vxh8jkdq2.exe
CRE c:\WINDOWS\system32\vxh8jkdq5.exe
CRE c:\WINDOWS\system32\vxh8jkdq6.exe
CRE c:\WINDOWS\system32\vxh8jkdq7.exe
CRE c:\WINDOWS\system32\vxh8jkdq8.exe
CRE c:\WINDOWS\system32\zlbw.dll
CRE c:\WINDOWS\system32\~update.exe
CRE c:\WINDOWS\system\svchost.dll
CRE c:\WINDOWS\system\svchost.exe
CRE c:\WINDOWS\system\svwhost.dll
CRE c:\WINDOWS\system\svwhost.exe
CRE c:\WINDOWS\system\svwhost.exe.bak
CRE c:\birdihuy.dll
CRE c:\birdihuy32.dll
CRE c:\lo-1511677629.exe
CRE c:\winstall.exe
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CacheLimit
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CacheOptions
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CachePath
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CachePrefix
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CacheRepair
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CacheLimit
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CacheOptions
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CachePath
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CachePrefix
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CacheRepair
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CacheLimit
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CacheOptions
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CachePath
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CachePrefix
DEL HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CacheRepair
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CacheLimit
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CacheOptions
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CachePath
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CachePrefix
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005060620050613\CacheRepair
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CacheLimit
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CacheOptions
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CachePath
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CachePrefix
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061320050614\CacheRepair
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CacheLimit
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CacheOptions
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CachePath
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CachePrefix
DEL HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Extensible Cache\MSHist012005061820050619\CacheRepair
DEL c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5\MSHist012005060620050613
DEL c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5\MSHist012005060620050613\index.dat
DEL c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5\MSHist012005061320050614
DEL c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5\MSHist012005061320050614\index.dat
DEL c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5\MSHist012005061820050619
DEL c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5\MSHist012005061820050619\index.dat
DEL c:\WINDOWS\system32\drivers\etc\hosts
MOD HKEY_CURRENT_USER\SessionInformation\ProgramCount
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\ComponentsPositioned
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\WallpaperFileTime
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\General\WallpaperLocalFileTime
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url1
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url2
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url3
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url4
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url5
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url6
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url7
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url8
MOD HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\TypedURLs\url9
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU\MRUList
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\MRUList
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\e
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\f
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.log\OpenWithList\MRUList
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\MRUListEx
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count\HRZR_PGYFRFFVBA
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\Cebtenz\Rgurerny\_ehargu.ong
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\Cebtenz\Vagrearg Rkcybere\vrkcyber.rkr
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\Cebtenz\uwg\UvwnpxGuvf.rkr
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:Trai�t gvyy UvwnpxGuvf.rkr.yax
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACVQY
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACVQY:::{2559N1S4-21Q7-11Q4-OQNS-00P04S60O9S0}
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_HVFPHG
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\BagMRU\MRUListEx
MOD HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell\Bags\1\Desktop\ColInfo
MOD HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography\RNG\Seed
MOD HKEY_LOCAL_MACHINE\SOFTWARE\Soeperman Enterprises Ltd.\HijackThis\WinHeight
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\TimeZoneInformation\ActiveTimeBias
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Dhcp\Parameters\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Eventlog\Application\Sources
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\LeaseObtainedTime
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\LeaseTerminatesTime
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\T1
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\T2
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\Parameters\Tcpip\LeaseObtainedTime
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\Parameters\Tcpip\LeaseTerminatesTime
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\Parameters\Tcpip\T1
MOD HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\Parameters\Tcpip\T2
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\TimeZoneInformation\ActiveTimeBias
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dhcp\Parameters\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Sources
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\LeaseObtainedTime
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\LeaseTerminatesTime
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\T1
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\T2
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\Parameters\Tcpip\LeaseObtainedTime
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\Parameters\Tcpip\LeaseTerminatesTime
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\Parameters\Tcpip\T1
MOD HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\{BC24B697-4C1E-4D3C-89B7-B171BA2A583F}\Parameters\Tcpip\T2
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\SessionInformation\ProgramCount
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\Desktop\General\ComponentsPositioned
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\Desktop\General\WallpaperFileTime
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\Desktop\General\WallpaperLocalFileTime
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url1
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url2
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url3
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url4
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url5
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url6
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url7
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url8
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Internet Explorer\TypedURLs\url9
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\LastVisitedMRU\MRUList
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\MRUList
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\e
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\ComDlg32\OpenSaveMRU\*\f
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.log\OpenWithList\MRUList
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\RecentDocs\MRUListEx
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{5E6AB780-7743-11CF-A12B-00AA004AE837}\Count\HRZR_PGYFRFFVBA
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\Cebtenz\Rgurerny\_ehargu.ong
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\Cebtenz\Vagrearg Rkcybere\vrkcyber.rkr
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:P:\Cebtenz\uwg\UvwnpxGuvf.rkr
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACNGU:Trai�t gvyy UvwnpxGuvf.rkr.yax
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACVQY
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_EHACVQY:::{2559N1S4-21Q7-11Q4-OQNS-00P04S60O9S0}
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\UserAssist\{75048700-EF1F-11D0-9888-006097DEACF9}\Count\HRZR_HVFPHG
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\SavedLegacySettings
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\ShellNoRoam\BagMRU\MRUListEx
MOD HKEY_USERS\S-1-5-21-1229272821-413027322-839522115-1003\Software\Microsoft\Windows\Shell\Bags\1\Desktop\ColInfo
MOD c:\
MOD c:\Documents and Settings\Roger\Application Data
MOD c:\Documents and Settings\Roger\Application Data\Ethereal\recent
MOD c:\Documents and Settings\Roger\Application Data\Microsoft\Internet Explorer\Desktop.htt
MOD c:\Documents and Settings\Roger\Cookies
MOD c:\Documents and Settings\Roger\Cookies\index.dat
MOD c:\Documents and Settings\Roger\Lokala inst�llningar\Application Data\Microsoft\Windows\UsrClass.dat.LOG
MOD c:\Documents and Settings\Roger\Lokala inst�llningar\Temp
MOD c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\492F49EJ
MOD c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\8XMJGLIZ
MOD c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\C12FS9AV
MOD c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\KHYB4HUB
MOD c:\Documents and Settings\Roger\Lokala inst�llningar\Temporary Internet Files\Content.IE5\index.dat
MOD c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5
MOD c:\Documents and Settings\Roger\Lokala inst�llningar\Tidigare\History.IE5\index.dat
MOD c:\Documents and Settings\Roger\Mina dokument
MOD c:\Documents and Settings\Roger\NTUSER.DAT.LOG
MOD c:\Documents and Settings\Roger\Recent
MOD c:\Program\Ethereal
MOD c:\Program\Ethereal\snmp\mibs\.index
MOD c:\Program\hjt
MOD c:\Program\systemsherlock
MOD c:\RECYCLER\S-1-5-21-1229272821-413027322-839522115-1003
MOD c:\RECYCLER\S-1-5-21-1229272821-413027322-839522115-1003\INFO2
MOD c:\WINDOWS
MOD c:\WINDOWS\Downloaded Program Files
MOD c:\WINDOWS\Prefetch
MOD c:\WINDOWS\Prefetch\CMD.EXE-087B4001.pf
MOD c:\WINDOWS\Prefetch\ETHEREAL.EXE-0D6AF674.pf
MOD c:\WINDOWS\Prefetch\HIJACKTHIS.EXE-06DDFE72.pf
MOD c:\WINDOWS\Prefetch\IEXPLORE.EXE-350E1020.pf
MOD c:\WINDOWS\Prefetch\NOTEPAD.EXE-336351A9.pf
MOD c:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
MOD c:\WINDOWS\Prefetch\SED.EXE-07C7F123.pf
MOD c:\WINDOWS\Prefetch\SYSTEMSHERLOCK.EXE-3ABE9B82.pf
MOD c:\WINDOWS\setupapi.log
MOD c:\WINDOWS\system
MOD c:\WINDOWS\system32
MOD c:\WINDOWS\system32\CatRoot2\dberr.txt
MOD c:\WINDOWS\system32\config\software.LOG
MOD c:\WINDOWS\system32\config\system
MOD c:\WINDOWS\system32\config\system.LOG
MOD c:\WINDOWS\system32\drivers\etc
MOD c:\WINDOWS\system32\wbem\Logs\wbemess.log
Compare finished.