S32evnt1.dll

Du sletter bare c:\\programmer\symantec <- hele mappen

så kommer den fejlmeddelse ikke mere..

Hvis den kommer igen efter en genstart, så råb op, så løser vi det på en anden måde

Generelt -> Mht fjernelse af Symantec/Norton:

Afinstaller
* Norton ...
via
[Start][Indstilninger][Kontrolpanel][Tilføj/fjern programmer]

Genstart for at fuldføre afinstalationen...

For dig med Vista/XP/2000
ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

Herefter downloader du denne fil, dobbeltklikker den, og siger ja til at tilføje værdierne i reg-basen:
ftp://ftp.symantec.com/public/english_us_canada/linked_files/tsgen/SYMMSICLEANUP.reg

Og for at ryddet helt op skal du også hente og køre denne bat fil:
ftp://ftp.symantec.com/public/english_us_canada/linked_files/tsgen/MSIFIX.bat

Registreringsdatabase ->
http://www.ccleaner.com/ + http://www.spywarefri.dk/manualer/ccleaner-manual.htm (Specielt punktet [Problemer]... kør evt. et par gange)
Under installationen får du tilbudt [Yahoo Toolbar]. Du kan sige ja eller NEJ til den.
(Du har vist den allerede instaleret!)

Genstart normalt...

Manuelt slet følgende mapper (hvis de stadig er der?)
C:\Programmer\Symantec\
C:\Programmer\Norton AntiVirus\
C:\Programmer\Fælles filer\Symantec Shared\
C:\Documents and Settings\All Users\Application Data\Symantec\
C:\Documents and Settings\[Bruger]\Application Data\Symantec\

Genstart normalt...

... ellers vil 'rester' drille resten af tiden...

----------------

Så er der tre Norton"slettere" i tråden. *G*

Så får den ikke et ben til jorden ;-)

jamen så siger vi 4 ;)

... la' os se/læse hvad <vivi> får ud af det *S* ...

Allerførst undskyld, fordi jeg først reagerer nu, men jeg stod noteret med en gammel e-post adresse.
Norton blev i sin tid afinstalleret fra Kontrolpanelet, alle biblioteker med Symantec slettet, dog glemte jeg den i fælles filer, som nu er slettet.
Ccleaner bruger jeg jævnligt.
Nu har jeg så efter råd fra DR1_Larry udført disse 2 ting:
ftp://ftp.symantec.com/public/english_us_canada/linked_files/tsgen/SYMMSICLEANUP.reg
ftp://ftp.symantec.com/public/english_us_canada/linked_files/tsgen/MSIFIX.bat
Msifix.bat har jeg også startet fra Temporery Internet Files, sort firkant dukker op og færidg, men det hjælper ikke.
Jeg har kørt Ccleaner nogle gange og genstartet, men stadigvæk får jeg ved start:

16-bit Windows Undersystemet
C:\programmer\Symantec\S32EVNT1.dll dll-initialisering mislykkedes for en installerbar virtuel enhedsdriver. Vælg Afslut for at lukke programmet.
I må lige fortælle mig, hvad jeg gør, når dette er overstået.
v.h.
Vivi

Følg denne vejledning:
http://www.spywarefri.dk/forum/links/hjtanv.htm

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:39:24, on 02-09-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programmer\fælles filer\logitech\lvmvfm\LVPrcSrv.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Dantz\Retrospect\retrorun.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\Wtfunc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\Programmer\Logitech\Video\CameraAssistant.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINDOWS\MXOALDR.EXE
C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\RssReader\RssReader.exe
C:\Programmer\RegistrySmart\RegistrySmart.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\programmer\voipbuster.com\voipbuster\voipbuster.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\AdwareAlert\AdwareAlert.exe
C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programmer\InterVideo\WinDVR\WinScheduler.exe
C:\Programmer\Empty Temp Folders 2.8.3\emprun.exe
C:\WINDOWS\explorer.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Documents and Settings\V Lausen\Skrivebord\RydOp\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rlausen.dk/start
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
N2 - Netscape 6: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\V LAUSEN\Application Data\Mozilla\Profiles\default\gnppkv5u.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5D036799-04FA-4970-8D15-DA33FDB80BCF} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Wintab Functions] C:\WINDOWS\system32\Wtfunc.exe
O4 - HKLM\..\Run: [Acecad.Wtxpload] C:\WINDOWS\Acecad\Wtxpload.exe Acecad
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programmer\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programmer\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [RegistrySmart] C:\Programmer\RegistrySmart\RegistrySmart.exe
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RssReader] C:\Programmer\RssReader\RssReader.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [VoipBuster] "C:\programmer\voipbuster.com\voipbuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [AdwareAlert] C:\Programmer\AdwareAlert\AdwareAlert.exe -boot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: emprun.lnk = C:\Programmer\Empty Temp Folders 2.8.3\emprun.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = ?
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Programmer\InterVideo\WinDVR\WinScheduler.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: Download all by Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddLink.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\AdgangForAlle\adgangforalle.exe
O9 - Extra 'Tools' menuitem: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\AdgangForAlle\adgangforalle.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmer\Fælles filer\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: msvcp71 - http://download.pestpatrol.com/Downloads/Components/msvcp71.cab
O16 - DPF: msvcr71 - http://download.pestpatrol.com/Downloads/Components/msvcr71.cab
O16 - DPF: Nordea Online investering - https://www.onlineinvestering.nordea.dk/oiclient.nsf/files/client/$FILE/oiclient.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlar.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlsi.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00625BD00023} (Alm. Brand Netbank) - https://www.almbrand-netbank.dk/salmbrandibp2500ib100.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00625BD00042} (Sparekassen Sj‘lland Internet Bank) - https://www.spks.dk/ssparvestibp2500ib100.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com/ViewerInstall.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120107589312
O16 - DPF: {6D72E2C2-F8E6-11D1-8AFB-000000000000} (ArcotClientControl Class) - https://www.swedbank.lu/arcotdownload/arcotplugin_win32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132982180296
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37960.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://newscanner.virus112.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DABFA9AD-4E31-43F4-9D60-4CDD20F57F28} (PhotomaxUploader.ActiveXControl) - http://www.photomax.com/eu/web/PhotomaxUploader.CAB
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?316
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4359/mcfscan.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: fccdcab - fccdcab.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AdwareAlert Scanning Engine (AdwareAlertSrv) - Adobe Systems - (no file)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programmer\fælles filer\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmer\Fælles filer\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Programmer\Dantz\Retrospect\retrorun.exe

--
End of file - 15417 bytes
---------------------------------------
ComboFix 07-08-30.3 - "V Lausen" 2007-09-02 21:45:26.1 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1030.18.130 [GMT 2:00]
* Created a new restore point


(((((((((((((((((((((((((((((((((((((((  Other Deletions  )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\regedit.com
C:\WINDOWS\system32\taskmgr.com


(((((((((((((((((((((((((  Files Created from 2007-08-02 to 2007-09-02  )))))))))))))))))))))))))))))))


2007-09-02 21:12    51,200    --a------    C:\WINDOWS\nircmd.exe
2007-09-02 13:50    10,872    --a------    C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-29 16:12    76,590    --a------    C:\WINDOWS\hpgins06.dat
2007-08-29 10:02    552    --a------    C:\WINDOWS\system32\d3d8caps.dat
2007-08-27 11:37    <DIR>    d--------    C:\WINDOWS\B6D5E63DEFF546169DB706D08F10B0C0.TMP
2007-08-27 09:57    713    ---------    C:\WINDOWS\hpgmdl06.dat
2007-08-24 21:50    <DIR>    d--------    C:\Virtual
2007-08-24 21:43    <DIR>    d--------    C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone
2007-08-18 14:40    <DIR>    d--------    C:\GARMIN
2007-08-18 14:25    8,320    --a------    C:\WINDOWS\system32\drivers\grmnusb.sys
2007-08-18 14:25    18,432    --a------    C:\WINDOWS\system32\drivers\grmngen.sys
2007-08-18 00:19    <DIR>    d--------    C:\Programmer\AdwareAlert
2007-08-17 22:03    <DIR>    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\AdwareAlert
2007-08-17 22:01    18,672    --a------    C:\WINDOWS\system32\drivers\antispyfilter.sys
2007-08-17 22:01    <DIR>    d----c---    C:\WINDOWS\system32\DRVSTORE
2007-08-17 10:34    <DIR>    d--------    C:\WINDOWS\exefnd
2007-08-15 10:05    <DIR>    d--------    C:\Programmer\RegClean
2007-08-15 10:05    <DIR>    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\RegClean
2007-08-13 14:35    <DIR>    d--------    C:\Programmer\PhotoFiltre
2007-08-12 21:52    <DIR>    d--------    C:\DOCUME~1\VLAUSE~1\cbt
2007-08-11 15:46    185,824    --a------    C:\WINDOWS\system32\8be142.sys
2007-08-05 11:57    <DIR>    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\RegistrySmart
2007-08-05 11:56    <DIR>    d--------    C:\Programmer\RegistrySmart
2007-08-02 19:10    <DIR>    d--------    C:\Programmer\HP Image Zone Express
2007-08-02 14:15    <DIR>    d--------    C:\Programmer\RogueRemover FREE
2007-08-02 14:07    <DIR>    d--------    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google


((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-09-02 21:04    0    --a------    C:\WINDOWS\system32\drivers\lvuvc.hs
2007-09-02 17:16    ---------    d--------    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-30 08:44    ---------    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\AdobeUM
2007-08-29 16:09    680    --a------    C:\WINDOWS\AUTOLNCH.REG
2007-08-29 09:47    ---------    d--------    C:\Programmer\SUPERAntiSpyware
2007-08-27 08:25    ---------    d--------    C:\Programmer\RssReader
2007-08-26 18:00    ---------    d--------    C:\Programmer\Brother's Keeper 6
2007-08-26 10:16    ---------    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\Skype
2007-08-20 07:26    ---------    d--------    C:\Programmer\Classic PhoneTools
2007-08-05 12:22    ---------    d--------    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Retrospect
2007-08-05 06:39    ---------    d--------    C:\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\Symantec
2007-08-02 20:32    ---------    d--------    C:\Programmer\RegistryFix
2007-08-02 19:10    ---------    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\Google
2007-08-02 17:21    ---------    d--------    C:\Programmer\Google
2007-07-30 19:19    92504    --a------    C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19    549720    --a------    C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19    53080    --a------    C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19    43352    --a------    C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19    325976    --a------    C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19    271224    --a------    C:\WINDOWS\system32\mucltui.dll
2007-07-30 19:19    207736    --a------    C:\WINDOWS\system32\muweb.dll
2007-07-30 19:19    203096    --a------    C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19    1712984    --a------    C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18    33624    --a------    C:\WINDOWS\system32\wups.dll
2007-07-29 13:19    ---------    d--------    C:\Programmer\DftCom2
2007-07-28 13:53    ---------    d--------    C:\Programmer\GIMP-2.0
2007-07-24 11:14    ---------    d--------    C:\Programmer\NetMeter
2007-06-26 08:10    1104896    --a------    C:\WINDOWS\system32\msxml3.dll
2007-06-19 15:32    282112    --a------    C:\WINDOWS\system32\gdi32.dll
2007-06-13 15:22    1034240    --a------    C:\WINDOWS\explorer.exe
2005-05-12 00:36    12288    --a------    C:\WINDOWS\Fonts.\RandFont.dll
2004-08-20 14:49    116    --a------    C:\DOCUME~1\VLAUSE~1\BKSORT.BAT
2003-11-05 07:36    89600    --a------    C:\Programmer\rnuninst.exe
    ---------        C:\Programmer\Fælles filer\Wise Installation Wizard
    ---------        C:\Programmer\Fælles filer\System
    ---------        C:\Programmer\Fælles filer\Microsoft Shared
    ---------        C:\Programmer\Fælles filer


(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5D036799-04FA-4970-8D15-DA33FDB80BCF}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 15:16]
"Wintab Functions"="C:\WINDOWS\system32\Wtfunc.exe" [2002-01-22 11:30]
"Acecad.Wtxpload"="C:\WINDOWS\Acecad\Wtxpload.exe" [2002-01-29 02:05]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-18 12:56]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-09-01 13:04]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [2004-11-01 18:22]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-08-17 07:25]
"QuickTime Task"="C:\Programmer\QuickTime\qttask.exe" [2005-12-15 08:02]
"MaxtorOneTouch"="C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe" [2003-05-21 15:30]
"LogitechVideo[inspector]"="C:\Programmer\Logitech\Video\InstallHelper.exe" [2005-09-07 06:39]
"LogitechCameraAssistant"="C:\Programmer\Logitech\Video\CameraAssistant.exe" [2005-09-07 06:33]
"iTunesHelper"="C:\Programmer\iTunes\iTunesHelper.exe" [2005-10-18 12:58]
"HP Software Update"="C:\Programmer\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 00:12]
"Adobe Photo Downloader"="C:\Programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 00:46]
"RegistrySmart"="C:\Programmer\RegistrySmart\RegistrySmart.exe" [2007-08-01 22:58]
"MXO Auto Loader"="C:\WINDOWS\MXOALDR.EXE" [2003-04-07 18:09]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"!AVG Anti-Spyware"="C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-27 02:53]
"RssReader"="C:\Programmer\RssReader\RssReader.exe" [2004-04-04 18:21]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-28 07:26]
"VoipBuster"="C:\programmer\voipbuster.com\voipbuster\voipbuster.exe" [2007-07-02 14:42]
"LogitechSoftwareUpdate"="C:\Programmer\Logitech\Video\ManifestEngine.exe" [2005-01-18 17:07]
"LDM"="C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-14 06:58]
"AdwareAlert"="C:\Programmer\AdwareAlert\AdwareAlert.exe" [2007-08-10 15:08]

C:\DOCUME~1\VLAUSE~1\MENUEN~1\PROGRA~1\Start\
emprun.lnk - C:\Programmer\Empty Temp Folders 2.8.3\emprun.exe [2001-08-16 20:23:04]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccdcab]
fccdcab.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\N2PDialr]

R1 AntiSpyFilter;AntiSpyFilter;C:\WINDOWS\system32\DRIVERS\antispyfilter.sys
R3 ham50;Creatix V.90 HAM Data Fax Modem;C:\WINDOWS\system32\DRIVERS\CTXH51.sys
R3 LVPrcMon;Logitech LVPrcMon Driver;\??\C:\WINDOWS\system32\drivers\LVPrcMon.sys
R3 WinDriver6;WinDriver6;C:\WINDOWS\system32\drivers\windrvr6.sys
S0 epstwnt;epstwnt;C:\WINDOWS\system32\Drivers\epstwnt.mpd
S2 SHARSHTL;Shuttle Sharer;C:\WINDOWS\system32\Drivers\sharshtl.sys
S3 8be142;8be142;\??\C:\WINDOWS\system32\8be142.sys
S3 epstw2k;Driver til SCM Parallel Port SCSI;C:\WINDOWS\system32\DRIVERS\epstw2k.sys
S3 grmnusb;grmnusb;C:\WINDOWS\system32\drivers\grmnusb.sys
S3 MaxtorFrontPanel1;Maxtor 1394 Storage Front Panel Driver;C:\WINDOWS\system32\DRIVERS\mxofwfp.sys
S3 MXOFX;USB Storage Adapter FX (MXO);C:\WINDOWS\system32\DRIVERS\MXOFX.SYS
S3 scsiscan;SCSI-scannerdriver;C:\WINDOWS\system32\DRIVERS\scsiscan.sys
S3 Unilocator;Unilocator;C:\WINDOWS\system32\locatrNT.exe
S3 W2acehid;Acecad HID;C:\WINDOWS\system32\DRIVERS\W2acehid.sys
S3 Wtcls2k;Wtcls2k;C:\WINDOWS\system32\DRIVERS\Wtcls2k.sys

*Newly Created Service* - CATCHME

Contents of the 'Scheduled Tasks' folder
2007-09-02 19:09:48 C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job - C:\Programmer\AdwareAlert\AdwareAlert.exe
2007-08-28 01:30:28 C:\WINDOWS\Tasks\RegClean Scheduled Scan.job - C:\Programmer\RegClean\RegClean.exe
2007-09-02 19:07:28 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job - C:\Programmer\RegistrySmart\RegistrySmart.exe
2007-09-02 07:00:00 C:\WINDOWS\Tasks\Spybot - Search & Destroy -  Scheduled Task.job - C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe
2007-09-02 11:34:21 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0969F6B2-7C01-411A-B7B9-2F94E02AFE4B}.job - C:\WINDOWS\system32\msfeedssync.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-02 21:54:44
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechCameraAssistant"="C:\\Programmer\\Logitech\\Video\\CameraAssistant.exe"

Completion time: 2007-09-02 21:58:24
C:\ComboFix-quarantined-files.txt ... 2007-09-02 21:58

    --- E O F ---
----------------------------------------------
********************************* ROOTCHK-(22-08-07)-LOG, by ejvindh
02-09-2007 22:04:05,84

The rootkits that are detected by this tool were not found.

********************************* ROOTCHK-LOG-end


catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-02 22:04:06
Windows 5.1.2600 Service Pack 2
scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:0000013b

scanning hidden files ...

hidden processes: 0
hidden files: 0
------------------------------

[02-09-2007 21:09:23] Timer deletion failed, Value: 000003E5

Jeg er ikke sikker på, at jeg fik en log-fil fra AVG AntiSpyware.
v.h.
Vivi

Klik på Start->Kør skriv Regedit og klik på OK.
I venstre vindueshalvdel af det vindue der åbner, klikker du dig frem til denne mappe:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\VirtualDeviceDrivers
I højre halvdel, højreklikker du på VDD, vælger Rediger og sletter Værdidata, klik på OK og luk regedit.
---------------------------------------
Klik på Start->Kør skriv Services.msc og klik OK.
Find Tjenesten >> AdwareAlert Scanning Engine (AdwareAlertSrv) << stop den hvis den kører, højreklik på den, klik på Egenskaber og vælg Starttype Deaktiveret.
---------------------------------------
Afinstaller Adwarealert og Logitech Desktop Messenger i Tilføj/Fjern programmer, genstart.
---------------------------------------
Hent Ccleaner her:
http://www.filehippo.com/download_ccleaner/
Installer Ccleaner, husk at fjerne fluebenet udfor installation af Yahoo toolbar.
Start programmet, fjern fluebenet i cookies.
Klik på kør Cleaner og lad den fjerne hvad den finder.
Klik så på Problemer ovre i venstre side (den blå terning), klik på Skan efter problemer, når den er færdig, klik på Udbedre valgte problemer, lav evt. en backup af registreringsdatabasen, klik så på udbedre alle valgte problemer.
Klik på OK, klik på Luk når den er færdig.
Genstart.
---------------------------------------
Start superantispyware, klik på Check for updates, når det er opdateret, luk programmet, du skal ikke scanne endnu.
---------------------------------------
Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {5D036799-04FA-4970-8D15-DA33FDB80BCF} - (no file)
O4 - HKCU\..\Run: [AdwareAlert] C:\Programmer\AdwareAlert\AdwareAlert.exe -boot
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37960.cab
O20 - Winlogon Notify: fccdcab - fccdcab.dll (file missing)

---------------------------------------
Kopiér indholdet mellem de bølgede linier ind i et notepad-vindue, og gem indholdet i samme mappe, som Combofix ligger med navnet CFScript.txt. Når du gemmer, skal du sikre, at der under "filtyper" står "alle filer".

~~~~~~~~~~~~~~~~~~~~~~~~~~
File::
C:\WINDOWS\system32\DRIVERS\antispyfilter.sys
C:\WINDOWS\system32\8be142.sys
C:\WINDOWS\Tasks\AdwareAlert Scheduled Scan.job

Folder::
C:\Programmer\AdwareAlert

~~~~~~~~~~~~~~~~~~~~~~~~~~
Tag så fat i den nye fil med musen, og før den hen over Combofix-filen, hvorefter du "giver slip" med musen. - http://www.fromsej.saknet.dk/billeder/cfscript.gif
Så skulle Combofix gerne give sig til at arbejde. Muligvis vil den kræve en genstart, hvilket du skal tillade. Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
---------------------------------------
Genstart i fejlsikret (tryk på <F8> under opstarten)
Start SuperAntiSpyware, klik på Scan your Computer, sæt flueben i de drev der skal scannes.
(Fixed disk betyder harddisk)
Flyt prikken til Perform complete scan og klik på Næste, så kører scanningen.

Når den er færdig kommer der et vindue med en opsummering, klik på OK, klik så på næste og så på Udfør.

Der kommer et vindue med Quarantine and removal Complete, klik på OK, klik på Udfør.
Luk programmet, genstart normalt.
---------------------------------------
Start SuperAntiSpyware igen, klik på Preferences, skift til fanebladet Statistics/Logs, i vinduet dobbeltklikker du på SUPERAntiSpyware Scan Log, den åbner i notesblok, kopier resultatet herind.
Vi skal også se en frisk hijackthislog, samt den nye combofixlog.

Fortæl lige om du stadig får meldingen om den manglende DLL fil.

Som en ulydig elev startede jeg med opgaven mellem de krøllede linier, da jeg stadigvæk havde Hijachi på skærmen. Derefter genstartede jeg PC'en, da den havde været tændt i over et døgn. Fejlmeldelelsen var nu forsvundet.
Fejlmeddelelsen kom ikke, da jeg afinstallerede Norton, men da jeg fjernede bibliotekerne med Symantec.
Jeg fornemmer, at du mistænker AdwareAlert. Det er et købeprogram, der er installeret efter at fejlmeddelelsen kom.
Skal jeg fortsætte? Det gør jeg gerne, hvis du mener, at der er ting på min PC, der ikke bør være der, eller hvis jeg har skadet andre programmer ved at fjerne de 6 linier i Hijacki.

Jeg vrøvler. Det er naturligvis de listede linier i Hijacki, jeg har udført, og ikke noget med teksten mellem de krøllede linier.

Adwarealert er på "Dårlig"listen, derfor anbefaler jeg at du fjerner den:
http://www.2-spyware.com/review-adwarealert.html

Fejlen er en rest af symantec, det møgfirma kan hverken lave et ordentligt AV program, eller en uninstaller der rydder op efter sig, men regeditforklaringen skulle løse det problem.

Så ja, du bør følge vejledningen. :-)

Da jeg ikke er klar over, om jeg skulle scanne igen, indsætter jeg de 2 sidste logs.
-------------------------------------------------------
SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/08/2007 at 08:34 PM

Application Version : 3.9.1008

Core Rules Database Version : 3301
Trace Rules Database Version: 1307

Scan type      : Complete Scan
Total Scan Time : 02:07:34

Memory items scanned      : 520
Memory threats detected  : 0
Registry items scanned    : 7221
Registry threats detected : 0
File items scanned        : 74060
File threats detected    : 0
----------------------------------------------------------------

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/07/2007 at 08:20 PM

Application Version : 3.9.1008

Core Rules Database Version : 3301
Trace Rules Database Version: 1307

Scan type      : Complete Scan
Total Scan Time : 01:56:32

Memory items scanned      : 177
Memory threats detected  : 0
Registry items scanned    : 7216
Registry threats detected : 0
File items scanned        : 61626
File threats detected    : 3

Adware.Tracking Cookie
    C:\Documents and Settings\V Lausen\Cookies\v_lausen@tribalfusion[1].txt

Unclassified.SpywareBot (Not A Threat)
    D:\VIVI\PROGRAMMER\ADADWARE\ADWARE ALERT\SETUP.EXE
    D:\VIVI\PROGRAMMER\REGISTRYSMART\ADWAREALERT\SETUP.EXE
-----------------------------------------------------------------
-----------------------------------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 07:11:58, on 09-09-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\programmer\fælles filer\logitech\lvmvfm\LVPrcSrv.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Dantz\Retrospect\retrorun.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Canon\CAL\CALMAIN.exe
C:\WINDOWS\system32\Wtfunc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\ElkCtrl.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
C:\Programmer\Logitech\Video\CameraAssistant.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\MXOALDR.EXE
C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe
C:\Programmer\RegistrySmart\RegistrySmart.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\RssReader\RssReader.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\programmer\voipbuster.com\voipbuster\voipbuster.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\InterVideo\WinDVR\WinScheduler.exe
C:\Programmer\Empty Temp Folders 2.8.3\emprun.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\V Lausen\Skrivebord\RydOp\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://rlausen.dk/start
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
N2 - Netscape 6: user_pref("browser.search.defaultengine", "http://www.google.com/"); (C:\Documents and Settings\V LAUSEN\Application Data\Mozilla\Profiles\default\gnppkv5u.slt\prefs.js)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Wintab Functions] C:\WINDOWS\system32\Wtfunc.exe
O4 - HKLM\..\Run: [Acecad.Wtxpload] C:\WINDOWS\Acecad\Wtxpload.exe Acecad
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Programmer\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Programmer\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [RegistrySmart] C:\Programmer\RegistrySmart\RegistrySmart.exe
O4 - HKLM\..\Run: [MXO Auto Loader] C:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RssReader] C:\Programmer\RssReader\RssReader.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [VoipBuster] "C:\programmer\voipbuster.com\voipbuster\voipbuster.exe" -nosplash -minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: emprun.lnk = C:\Programmer\Empty Temp Folders 2.8.3\emprun.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = ?
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\Programmer\InterVideo\WinDVR\WinScheduler.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Add to filterlist (WebWasher) - http://-Web.Washer-/ie_add
O8 - Extra context menu item: Download all by Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddList.html
O8 - Extra context menu item: Download by Net Transport - C:\PROGRA~1\Xi\NETTRA~1\NTAddLink.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\AdgangForAlle\adgangforalle.exe
O9 - Extra 'Tools' menuitem: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\AdgangForAlle\adgangforalle.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Researcher - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Programmer\Fælles filer\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: msvcp71 - http://download.pestpatrol.com/Downloads/Components/msvcp71.cab
O16 - DPF: msvcr71 - http://download.pestpatrol.com/Downloads/Components/msvcr71.cab
O16 - DPF: Nordea Online investering - https://www.onlineinvestering.nordea.dk/oiclient.nsf/files/client/$FILE/oiclient.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlar.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlsi.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavwebscan_unicode.cab
O16 - DPF: {106E49CF-797A-11D2-81A2-00E02C015623} - http://www.alternatiff.com/install/00/alttiff.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00625BD00023} (Alm. Brand Netbank) - https://www.almbrand-netbank.dk/salmbrandibp2500ib100.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00625BD00042} (Sparekassen Sj‘lland Internet Bank) - https://www.spks.dk/ssparvestibp2500ib100.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {2359626E-7524-4F87-B04E-22CD38A0C88C} (ICSScannerLight Class) - http://download.zonelabs.com/bin/free/cm/ICSCM.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com/ViewerInstall.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.safety.live.com/resource/download/scanner/wlscbase8460.cab
O16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120107589312
O16 - DPF: {6D72E2C2-F8E6-11D1-8AFB-000000000000} (ArcotClientControl Class) - https://www.swedbank.lu/arcotdownload/arcotplugin_win32.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1132982180296
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8EB3FF4E-86A1-4717-884D-7BA2D38272CB} (F-Secure Online Scanner) - http://newscanner.virus112.com/ols/fscax.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DABFA9AD-4E31-43F4-9D60-4CDD20F57F28} (PhotomaxUploader.ActiveXControl) - http://www.photomax.com/eu/web/PhotomaxUploader.CAB
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) - http://h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?316
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4359/mcfscan.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Programmer\Canon\CAL\CALMAIN.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programmer\fælles filer\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmer\Fælles filer\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\Programmer\Dantz\Retrospect\retrorun.exe

--
End of file - 14780 bytes
-----------------------------------------------------------------------------
-----------------------------------------------------------------------------
ComboFix 07-08-30.3 - "V Lausen" 2007-09-09  7:16:36.3 - NTFSx86
Microsoft Windows XP Home Edition  5.1.2600.2.1252.1.1030.18.121 [GMT 2:00]


(((((((((((((((((((((((((  Files Created from 2007-08-09 to 2007-09-09  )))))))))))))))))))))))))))))))


2007-09-02 21:12    51,200    --a------    C:\WINDOWS\nircmd.exe
2007-09-02 13:50    10,872    --a------    C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-08-29 16:12    76,590    --a------    C:\WINDOWS\hpgins06.dat
2007-08-29 10:02    552    --a------    C:\WINDOWS\system32\d3d8caps.dat
2007-08-27 11:37    <DIR>    d--------    C:\WINDOWS\B6D5E63DEFF546169DB706D08F10B0C0.TMP
2007-08-27 09:57    713    ---------    C:\WINDOWS\hpgmdl06.dat
2007-08-24 21:50    <DIR>    d--------    C:\Virtual
2007-08-24 21:43    <DIR>    d--------    C:\DOCUME~1\ALLUSE~1\APPLIC~1\BufferZone
2007-08-18 14:40    <DIR>    d--------    C:\GARMIN
2007-08-18 14:25    8,320    --a------    C:\WINDOWS\system32\drivers\grmnusb.sys
2007-08-18 14:25    18,432    --a------    C:\WINDOWS\system32\drivers\grmngen.sys
2007-08-17 22:03    <DIR>    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\AdwareAlert
2007-08-17 22:01    <DIR>    d----c---    C:\WINDOWS\system32\DRVSTORE
2007-08-17 10:34    <DIR>    d--------    C:\WINDOWS\exefnd
2007-08-15 10:05    <DIR>    d--------    C:\Programmer\RegClean
2007-08-15 10:05    <DIR>    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\RegClean
2007-08-13 14:35    <DIR>    d--------    C:\Programmer\PhotoFiltre
2007-08-12 21:52    <DIR>    d--------    C:\DOCUME~1\VLAUSE~1\cbt


((((((((((((((((((((((((((((((((((((((((  Find3M Report  ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-09-09 07:04    ---------    d--------    C:\Programmer\SUPERAntiSpyware
2007-09-09 06:58    0    --a------    C:\WINDOWS\system32\drivers\lvuvc.hs
2007-09-02 17:16    ---------    d--------    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-08-31 12:20    ---------    d--------    C:\Programmer\RegistrySmart
2007-08-31 12:20    ---------    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\RegistrySmart
2007-08-30 08:44    ---------    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\AdobeUM
2007-08-29 16:09    680    --a------    C:\WINDOWS\AUTOLNCH.REG
2007-08-27 08:25    ---------    d--------    C:\Programmer\RssReader
2007-08-26 18:00    ---------    d--------    C:\Programmer\Brother's Keeper 6
2007-08-26 10:16    ---------    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\Skype
2007-08-20 07:26    ---------    d--------    C:\Programmer\Classic PhoneTools
2007-08-05 12:22    ---------    d--------    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Retrospect
2007-08-05 06:39    ---------    d--------    C:\WINDOWS\system32\config\SYSTEM~1\APPLIC~1\Symantec
2007-08-02 20:32    ---------    d--------    C:\Programmer\RegistryFix
2007-08-02 19:10    ---------    d--------    C:\Programmer\RogueRemover FREE
2007-08-02 19:10    ---------    d--------    C:\Programmer\HP Image Zone Express
2007-08-02 19:10    ---------    d--------    C:\DOCUME~1\VLAUSE~1\APPLIC~1\Google
2007-08-02 19:10    ---------    d--------    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-08-02 17:21    ---------    d--------    C:\Programmer\Google
2007-07-30 19:19    92504    --a------    C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19    549720    --a------    C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19    53080    --a------    C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19    43352    --a------    C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19    325976    --a------    C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19    271224    --a------    C:\WINDOWS\system32\mucltui.dll
2007-07-30 19:19    207736    --a------    C:\WINDOWS\system32\muweb.dll
2007-07-30 19:19    203096    --a------    C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19    1712984    --a------    C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:18    33624    --a------    C:\WINDOWS\system32\wups.dll
2007-07-29 13:19    ---------    d--------    C:\Programmer\DftCom2
2007-07-28 13:53    ---------    d--------    C:\Programmer\GIMP-2.0
2007-07-24 11:14    ---------    d--------    C:\Programmer\NetMeter
2007-06-26 08:10    1104896    --a------    C:\WINDOWS\system32\msxml3.dll
2007-06-19 15:32    282112    --a------    C:\WINDOWS\system32\gdi32.dll
2007-06-13 15:22    1034240    --a------    C:\WINDOWS\explorer.exe
2005-05-12 00:36    12288    --a------    C:\WINDOWS\Fonts.\RandFont.dll
2004-08-20 14:49    116    --a------    C:\DOCUME~1\VLAUSE~1\BKSORT.BAT
2003-11-05 07:36    89600    --a------    C:\Programmer\rnuninst.exe
    ---------        C:\Programmer\Fælles filer\Wise Installation Wizard
    ---------        C:\Programmer\Fælles filer\System
    ---------        C:\Programmer\Fælles filer\Microsoft Shared
    ---------        C:\Programmer\Fælles filer


(((((((((((((((((((((((((((((  snapshot_2007-09-02_215629,60  )))))))))))))))))))))))))))))))))))))))))

----a-w            14,336 1997-07-11 06:00:00  C:\WINDOWS\system32\MSIMRT.DLL
----a-w            10,544 1997-07-11 06:00:00  C:\WINDOWS\system32\MSIMRT16.DLL
----a-w            22,016 1997-07-11 06:00:00  C:\WINDOWS\system32\MSIMRT32.DLL
----a-w          120,320 1997-07-11 06:00:00  C:\WINDOWS\system32\MSIMUSIC.DLL
----a-w          821,600 2007-09-04 08:14:10  C:\WINDOWS\system32\drivers\avg7core.sys
----atw            16,384 2007-09-07 18:43:56  C:\WINDOWS\Temp\Perflib_Perfdata_a4.dat
----atw            16,384 2007-09-04 04:57:00  C:\WINDOWS\Temp\Perflib_Perfdata_b8.dat
----atw            16,384 2007-09-09 04:59:29  C:\WINDOWS\Temp\Perflib_Perfdata_c0.dat
----atw            16,384 2007-09-08 16:21:16  C:\WINDOWS\Temp\Perflib_Perfdata_f8.dat

----a-w          821,536 2007-08-17 05:25:14  C:\WINDOWS\system32\drivers\avg7core.sys
----atw            16,384 2007-02-28 08:16:56  C:\WINDOWS\Temp\Perflib_Perfdata_a4.dat
----atw            16,384 2007-02-16 05:02:10  C:\WINDOWS\Temp\Perflib_Perfdata_b8.dat
----atw            16,384 2007-02-08 21:48:05  C:\WINDOWS\Temp\Perflib_Perfdata_c0.dat
----atw            16,384 2007-08-26 16:30:40  C:\WINDOWS\Temp\Perflib_Perfdata_f8.dat

(((((((((((((((((((((((((((((((((((((  Reg Loading Points  ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2003-10-06 15:16]
"Wintab Functions"="C:\WINDOWS\system32\Wtfunc.exe" [2002-01-22 11:30]
"Acecad.Wtxpload"="C:\WINDOWS\Acecad\Wtxpload.exe" [2002-01-29 02:05]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe" [2002-03-18 12:56]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-09-01 13:04]
"LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [2004-11-01 18:22]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-08-17 07:25]
"QuickTime Task"="C:\Programmer\QuickTime\qttask.exe" [2005-12-15 08:02]
"MaxtorOneTouch"="C:\PROGRA~1\Maxtor\OneTouch\Utils\OneTouch.exe" [2003-05-21 15:30]
"LogitechVideo[inspector]"="C:\Programmer\Logitech\Video\InstallHelper.exe" [2005-09-07 06:39]
"LogitechCameraAssistant"="C:\Programmer\Logitech\Video\CameraAssistant.exe" [2005-09-07 06:33]
"iTunesHelper"="C:\Programmer\iTunes\iTunesHelper.exe" [2005-10-18 12:58]
"HP Software Update"="C:\Programmer\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 00:12]
"Adobe Photo Downloader"="C:\Programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-07 00:46]
"RegistrySmart"="C:\Programmer\RegistrySmart\RegistrySmart.exe" [2007-08-01 22:58]
"MXO Auto Loader"="C:\WINDOWS\MXOALDR.EXE" [2003-04-07 18:09]
"SunJavaUpdateSched"="C:\Programmer\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
"!AVG Anti-Spyware"="C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-27 02:53]
"RssReader"="C:\Programmer\RssReader\RssReader.exe" [2004-04-04 18:21]
"SUPERAntiSpyware"="C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-28 07:26]
"VoipBuster"="C:\programmer\voipbuster.com\voipbuster\voipbuster.exe" [2007-07-02 14:42]
"LogitechSoftwareUpdate"="C:\Programmer\Logitech\Video\ManifestEngine.exe" [2005-01-18 17:07]
"LDM"="C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-02-14 06:58]

C:\DOCUME~1\VLAUSE~1\MENUEN~1\PROGRA~1\Start\
emprun.lnk - C:\Programmer\Empty Temp Folders 2.8.3\emprun.exe [2001-08-16 20:23:04]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\N2PDialr]

R3 ham50;Creatix V.90 HAM Data Fax Modem;C:\WINDOWS\system32\DRIVERS\CTXH51.sys
R3 LVPrcMon;Logitech LVPrcMon Driver;\??\C:\WINDOWS\system32\drivers\LVPrcMon.sys
R3 WinDriver6;WinDriver6;C:\WINDOWS\system32\drivers\windrvr6.sys
S0 epstwnt;epstwnt;C:\WINDOWS\system32\Drivers\epstwnt.mpd
S2 SHARSHTL;Shuttle Sharer;C:\WINDOWS\system32\Drivers\sharshtl.sys
S3 8be142;8be142;\??\C:\WINDOWS\system32\8be142.sys
S3 epstw2k;Driver til SCM Parallel Port SCSI;C:\WINDOWS\system32\DRIVERS\epstw2k.sys
S3 grmnusb;grmnusb;C:\WINDOWS\system32\drivers\grmnusb.sys
S3 MaxtorFrontPanel1;Maxtor 1394 Storage Front Panel Driver;C:\WINDOWS\system32\DRIVERS\mxofwfp.sys
S3 MXOFX;USB Storage Adapter FX (MXO);C:\WINDOWS\system32\DRIVERS\MXOFX.SYS
S3 scsiscan;SCSI-scannerdriver;C:\WINDOWS\system32\DRIVERS\scsiscan.sys
S3 Unilocator;Unilocator;C:\WINDOWS\system32\locatrNT.exe
S3 W2acehid;Acecad HID;C:\WINDOWS\system32\DRIVERS\W2acehid.sys
S3 Wtcls2k;Wtcls2k;C:\WINDOWS\system32\DRIVERS\Wtcls2k.sys


Contents of the 'Scheduled Tasks' folder
2007-09-03 01:30:16 C:\WINDOWS\Tasks\RegClean Scheduled Scan.job - C:\Programmer\RegClean\RegClean.exe
2007-09-09 05:00:43 C:\WINDOWS\Tasks\RegistrySmart Scheduled Scan.job - C:\Programmer\RegistrySmart\RegistrySmart.exe
2007-09-04 07:00:00 C:\WINDOWS\Tasks\Spybot - Search & Destroy -  Scheduled Task.job - C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe
2007-09-08 16:24:08 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0969F6B2-7C01-411A-B7B9-2F94E02AFE4B}.job - C:\WINDOWS\system32\msfeedssync.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-09 07:22:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

**************************************************************************

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechCameraAssistant"="C:\\Programmer\\Logitech\\Video\\CameraAssistant.exe"

Completion time: 2007-09-09  7:26:54
C:\ComboFix-quarantined-files.txt ... 2007-09-09 07:26
C:\ComboFix2.txt ... 2007-09-07 18:09
C:\ComboFix3.txt ... 2007-09-02 21:58

    --- E O F ---
Med venlig hilsen
Vivi Lausen

Jeg har vist kludret godt i det m.h.t. kommentarer og svar. Når jeg lægger det under svar, er det fordi, jeg har en ældre anvisning fra dig til en anden om brug af eksperten, hvor du opfordrer til "svar", men egentlig er det jo mig, der spørger, og dig, der svarer.
Du har hjulpet mig af med problemet. De første svar, jeg modtog, henviste egentlig kun til det, som jeg havde udført. Så de få point må tilhøre dig, men så vidt jeg husker, var der også noget med en "kaffekasse".

Der er mange der roder rundt i kommentar/svar, så fred være med det. :-)

Din log er ren, vi skal ikke se flere logs.
Du kan roligt afinstallere Logitech Desktop Messenger i Tilføj/Fjern programmer, det er ret højt på listen over inderligt overflødige programmer.

Kaffekassen er ikke en del af Eksperten, den holder vi ovre i Spywarefri´s forum.

Jeg har trykket på Accepter, men intet sker tilsyneladende.
Tak til alle, der har involveret sig, men dine mere omsiggribende undersøgelser er dem, der har fjernet fejlmeddelelsen.
Logitech Desktop kan ikke slettes via "Til og fjern", så jeg har brugt RegCleaner under programmer og startop.
Tak for hjælpen.

http://expfaq.dk/behandling_af_svar#behandling_af_svar

Tak til dr1_larry - jeg prøver det.

Tak for point. :-)