Have I completely cleaned the machine of virusisolator and error cleaner?
I am new here, so I don't know whether this is the right place on the site to ask. I have been cleaning up following the recipe in the article "Nye våben"; if there is an expert who will take a look at the matter, I bow and thank you. Here are the three log files:
Logfile of HijackThis v1.99.1
Scan saved at 16:13:18, on 22-04-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Programmer\Microsoft LifeCam\MSCamS32.exe
C:\Programmer\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\Programmer\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
C:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Norman\Npm\bin\ZLH.EXE
C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmer\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Norman\Npm\bin\NJEEVES.EXE
C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Norman\Nvc\bin\nvcoas.exe
C:\Programmer\DAEMON Tools Lite\daemon.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Programmer\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
C:\WINDOWS\System32\alg.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Programmer\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\SMART Technologies Inc\SMART Board Software\Aware.exe
C:\Programmer\SMART Technologies Inc\SMART Board Software\Marker.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\AJ\Skrivebord\anti-virus\alternativ.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Programmer\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmer\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmer\BitComet\tools\BitCometBHO_1.2.2.28.dll
O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80E00A77B} - C:\Programmer\SMART Technologies Inc\Notebook Software\NotebookPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Programmer\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar3.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O2 - BHO: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Programmer\Torrent-Search\tbTor1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programmer\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar3.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Programmer\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Torrent-Search Toolbar - {e0c7b854-d5ce-4db6-9804-be1438603d89} - C:\Programmer\Torrent-Search\tbTor1.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Programmer\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Programmer\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Programmer\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
O4 - HKLM\..\Run: [TCASUTIEXE] TCAUDIAG.exe -off
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Programmer\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [Omnipage] C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [FineReader7NewsReaderPro] "C:\Programmer\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\ppe.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmer\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmer\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [OrderReminder] C:\Programmer\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [LifeCam] "C:\Programmer\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Programmer\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Programmer\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - Global Startup: SMART Board-værktøjer.lnk = C:\Programmer\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Programmer\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Programmer\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Programmer\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programmer\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Download alle med NetXfer - C:\Programmer\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Download med NetXfer - C:\Programmer\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Overfør med Star Downloader - C:\Programmer\Star Downloader\sdie.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\AdgangForAlle\adgangforalle.exe
O9 - Extra 'Tools' menuitem: Adgangforalle.dk fjernbetjening - {0AD5A451-967F-46BD-9F5E-39247D7FC77F} - c:\AdgangForAlle\adgangforalle.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Programmer\BitComet\tools\BitCometBHO_1.2.2.28.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O15 - Trusted Zone: http://www.ansskole.dk
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://webnode1.xstream.dk/radiostationer/rawflow/204/Rawflow.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - https://www-307.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com/ViewerInstall.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1168710738593
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.ansskole.dk/Li/_includes/XUpload.ocx
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FLLESF~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FLLESF~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: wdpoefan - {740FA88D-6927-47C1-8497-906CCF9A37FE} - C:\WINDOWS\wdpoefan.dll
O21 - SSODL: vadokmxt - {64D63BCE-0ECD-4945-968E-CA978DF8D832} - C:\WINDOWS\vadokmxt.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programmer\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programmer\Fælles filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: GoogleDesktopManager - Google - C:\Programmer\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Programmer\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: SMART Board-tjeneste (SMART Board Service) - SMART Technologies Inc. - C:\Programmer\SMART Technologies Inc\SMART Board Software\SMARTBoardService.exe
O23 - Service: SMART Web Server - Unknown owner - C:\Programmer\SMART Technologies Inc\SMART Board Software\WebServer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programmer\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Programmer\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
ComboFix 08-04-20.5 - AJ 2008-04-22 17:06:44.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1030.18.343 [GMT 2:00]
Running from: C:\Documents and Settings\AJ\Skrivebord\anti-virus\ComboFix.exe
* Resident AV is active
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((( Files Created from 2008-03-22 to 2008-04-22 )))))))))))))))))))))))))))))))
.
2008-04-21 21:36 . 2008-04-21 21:36 <DIR> d-------- C:\Programmer\Enigma Software Group
2008-04-21 16:58 . 2008-04-21 13:48 212,992 --a------ C:\WINDOWS\wdpoefan.dll
2008-04-21 16:58 . 2008-04-21 13:48 167,936 --a------ C:\WINDOWS\vadokmxt.dll
2008-04-21 16:58 . 2008-04-21 13:48 94,208 --a------ C:\WINDOWS\olgdqarf.exe
2008-04-21 16:58 . 2008-04-21 13:48 81,920 --a------ C:\WINDOWS\wxvgsdbq.exe
2008-04-21 16:35 . 2008-04-21 17:02 <DIR> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-21 15:47 . 2008-04-21 15:47 <DIR> d-------- C:\Programmer\Xvid
2008-04-21 15:47 . 2008-04-21 15:47 641,021 --a------ C:\WINDOWS\unins001.exe
2008-04-21 15:47 . 2004-07-26 12:13 200,192 --a------ C:\WINDOWS\system32\LameACM.acm
2008-04-21 15:47 . 2004-07-26 12:12 187,904 --a------ C:\WINDOWS\system32\Lame.exe
2008-04-21 15:47 . 2004-07-26 12:12 166,912 --a------ C:\WINDOWS\system32\Lame_enc.dll
2008-04-21 15:47 . 1999-09-10 12:06 45,056 --a------ C:\WINDOWS\system32\WNASPI32.DLL
2008-04-21 15:47 . 1999-09-10 12:06 25,244 --a------ C:\WINDOWS\system32\drivers\ASPI32.SYS
2008-04-21 15:47 . 1999-09-10 12:06 5,600 --a------ C:\WINDOWS\system\WINASPI.DLL
2008-04-21 15:47 . 1999-09-10 12:06 4,672 --a------ C:\WINDOWS\system\WOWPOST.EXE
2008-04-21 15:47 . 2008-04-21 15:47 1,665 --a------ C:\WINDOWS\unins001.dat
2008-04-21 15:47 . 2002-04-07 11:17 414 --a------ C:\WINDOWS\system32\Lame_acm.xml
2008-04-21 15:46 . 2008-04-21 16:37 <DIR> d-------- C:\Programmer\EasyDVDRip
2008-04-20 21:03 . 2008-04-20 21:03 <DIR> d-------- C:\Programmer\Foxit Software
2008-04-20 10:19 . 2008-04-20 10:19 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2008-04-20 09:21 . 2008-04-20 10:08 <DIR> d-------- C:\VundoFix Backups
2008-04-19 23:23 . 2008-04-19 23:23 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-04-19 23:22 . 2008-04-20 08:51 <DIR> d-------- C:\Programmer\SUPERAntiSpyware
2008-04-19 23:22 . 2008-04-19 23:22 <DIR> d-------- C:\Documents and Settings\AJ\Application Data\SUPERAntiSpyware.com
2008-04-18 10:18 . 2008-04-18 10:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-17 21:50 . 2008-04-17 21:50 4,512 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-17 21:42 . 2008-04-22 15:48 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-17 21:42 . 2008-04-17 21:42 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-17 20:57 . 2008-04-17 20:57 <DIR> d-------- C:\WINDOWS\ERUNT
2008-04-17 20:56 . 2008-04-17 21:40 <DIR> d-------- C:\SDFix
2008-04-17 20:47 . 2008-04-22 15:35 <DIR> d-------- C:\Documents and Settings\Administrator\Skrivebord
2008-04-17 20:47 . 2007-01-13 11:44 <DIR> d--h----- C:\Documents and Settings\Administrator\Skabeloner
2008-04-17 20:47 . 2007-01-13 11:37 <DIR> d--h----- C:\Documents and Settings\Administrator\Printere
2008-04-17 20:47 . 2007-01-13 11:37 <DIR> dr------- C:\Documents and Settings\Administrator\Menuen Start
2008-04-17 20:47 . 2008-04-22 17:15 <DIR> d--h----- C:\Documents and Settings\Administrator\Lokale indstillinger
2008-04-17 20:47 . 2007-01-13 11:37 <DIR> d-------- C:\Documents and Settings\Administrator\Foretrukne
2008-04-17 20:47 . 2007-01-13 11:37 <DIR> d-------- C:\Documents and Settings\Administrator\Dokumenter
2008-04-17 20:47 . 2007-01-13 11:37 <DIR> d--h----- C:\Documents and Settings\Administrator\Andre computere
2008-04-17 20:47 . 2008-04-17 20:47 <DIR> d-------- C:\Documents and Settings\Administrator
2008-04-17 20:47 . 2008-04-22 15:25 1,024 --ah----- C:\Documents and Settings\Administrator\NTUSER.DAT.LOG
2008-04-17 20:06 . 2008-04-17 21:46 <DIR> d-------- C:\Programmer\SpyZooka
2008-04-17 16:00 . 2008-04-21 19:59 <DIR> d-------- C:\Documents and Settings\AJ\Application Data\TmpRecentIcons
2008-04-17 15:04 . 2008-04-17 15:02 691,545 --a------ C:\WINDOWS\unins000.exe
2008-04-17 15:04 . 2008-04-17 15:04 2,545 --a------ C:\WINDOWS\unins000.dat
2008-04-17 14:47 . 2008-04-21 21:56 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\ydepczml
2008-04-14 16:47 . 2008-04-14 16:47 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\NCH Software
2008-04-12 16:57 . 2008-04-12 17:00 <DIR> d-------- C:\Programmer\Paint.NET
2008-04-12 16:31 . 2008-04-12 16:31 <DIR> d-------- C:\Documents and Settings\AJ\Tracing
2008-04-11 15:29 . 2008-04-11 15:29 <DIR> d-------- C:\Programmer\Microsoft Office Communicator
2008-04-11 14:32 . 2008-04-11 14:32 <DIR> d-------- C:\Programmer\Microsoft Works
2008-04-11 14:29 . 2008-04-11 14:29 <DIR> d-------- C:\Programmer\Microsoft.NET
2008-04-11 14:19 . 2008-04-11 14:19 <DIR> d-------- C:\Programmer\Microsoft Visual Studio 8
2008-04-11 14:16 . 2008-04-22 16:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-04-07 18:26 . 2008-04-22 16:52 2,553,888 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-04-07 18:26 . 2008-04-22 16:52 27,956 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-04-07 16:16 . 2008-04-07 16:16 <DIR> d-------- C:\Programmer\ZoneAlarmSB
2008-04-02 15:35 . 2008-04-02 15:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\TechSmith
2008-04-02 15:34 . 2008-04-02 15:34 <DIR> d-------- C:\Programmer\TechSmith
2008-03-31 23:25 . 2008-03-31 23:25 831,488 --a------ C:\WINDOWS\system32\divx_xx0a.dll
2008-03-31 23:25 . 2008-03-31 23:25 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2008-03-31 23:25 . 2008-03-31 23:25 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2008-03-31 23:25 . 2008-03-31 23:25 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2008-03-31 23:25 . 2008-03-31 23:25 682,496 --a------ C:\WINDOWS\system32\DivX.dll
2008-03-31 23:25 . 2008-03-31 23:25 161,096 --a------ C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-03-30 20:02 . 2008-03-30 20:02 <DIR> d-------- C:\Programmer\Avanquest update
2008-03-30 20:00 . 2008-03-30 20:00 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-03-30 19:48 . 2008-03-30 19:48 <DIR> d-------- C:\Programmer\Sony Ericsson
2008-03-30 19:48 . 2008-03-30 19:48 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-03-27 18:04 . 2008-03-27 18:05 <DIR> d-------- C:\Programmer\Scratch
2008-03-27 17:59 . 2008-03-27 18:01 <DIR> d-------- C:\Programmer\Flash Slideshow Maker Professional
2008-03-25 17:44 . 2008-03-25 17:44 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\SlySoft
2008-03-25 17:35 . 2008-03-25 17:36 24 ---hs---- C:\WINDOWS\S5ECE3085.tmp
2008-03-25 17:15 . 2008-03-25 18:21 367 --a------ C:\AxType.ini
2008-03-25 16:09 . 2008-03-25 16:09 <DIR> d-------- C:\Programmer\DAEMON Tools Lite
2008-03-25 16:02 . 2008-03-25 16:02 <DIR> d-------- C:\Documents and Settings\AJ\Application Data\DAEMON Tools
2008-03-25 15:28 . 2008-03-25 15:58 43,520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2008-03-23 11:22 . 2008-03-01 14:58 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-22 14:53 --------- d-----w C:\Programmer\BitComet
2008-04-22 14:35 --------- d-----w C:\Programmer\PeerGuardian2
2008-04-22 13:45 9,873,792 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-04-22 12:58 --------- d-----w C:\Programmer\Spybot - Search & Destroy
2008-04-22 12:58 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-22 11:16 --------- d-----w C:\Programmer\Xi
2008-04-20 10:07 --------- d-----w C:\Documents and Settings\AJ\Application Data\SolidDocuments
2008-04-20 07:50 --------- d-----w C:\Programmer\PowerISO
2008-04-19 21:21 --------- d-----w C:\Programmer\Fælles filer\Wise Installation Wizard
2008-04-19 20:55 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\SolidDocuments
2008-04-19 12:02 --------- d-----w C:\Programmer\Amateur's Strip Poker
2008-04-19 12:01 --------- d-----w C:\Documents and Settings\AJ\Application Data\XnView
2008-04-18 11:04 --------- d-----w C:\Programmer\skolekom
2008-04-18 10:05 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-18 08:25 --------- d-----w C:\Programmer\Lavasoft
2008-04-18 08:17 --------- d-----w C:\Documents and Settings\AJ\Application Data\Lavasoft
2008-04-16 20:05 --------- d-----w C:\Programmer\Amara - Flash Intro and Banner Builder
2008-04-12 12:54 --------- d-----w C:\Programmer\DivX
2008-04-11 13:33 --------- d-----w C:\Programmer\MSECache
2008-04-11 12:32 --------- d-----w C:\Programmer\MSBuild
2008-04-08 15:47 --------- d-----w C:\Documents and Settings\AJ\Application Data\Canon
2008-04-08 14:56 --------- d-----w C:\Documents and Settings\AJ\Application Data\Audacity
2008-03-31 17:12 --------- d-----w C:\Documents and Settings\AJ\Application Data\Skype
2008-03-31 16:12 --------- d-----w C:\Documents and Settings\AJ\Application Data\skypePM
2008-03-30 18:02 --------- d--h--w C:\Programmer\InstallShield Installation Information
2008-03-28 16:54 --------- d-----w C:\Programmer\MediaCoder
2008-03-25 16:42 --------- d-----w C:\Programmer\Phun
2008-03-25 14:02 717,296 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-03-25 14:01 --------- d-----w C:\Programmer\DAEMON Tools
2008-03-24 12:04 --------- d-----w C:\Documents and Settings\AJ\Application Data\Feedreader
2008-03-21 20:30 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2008-03-21 20:30 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2008-03-21 20:30 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2008-03-21 20:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2008-03-21 20:30 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2008-03-21 20:30 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2008-03-21 20:30 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2008-03-21 20:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2008-03-21 20:28 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2008-03-21 20:28 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-03-21 20:28 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-03-21 20:28 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-03-21 20:28 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-03-21 20:28 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2008-03-21 20:28 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2008-03-21 20:28 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2008-03-21 16:05 --------- d-----w C:\Programmer\Copy Profiler
2008-03-21 15:55 --------- d-----w C:\Programmer\CloneCD 5 Profiler
2008-03-21 15:46 --------- d-----w C:\Programmer\Copy-Discovery 2000
2008-03-21 12:55 --------- d-----w C:\Programmer\Kyodai Mahjongg 2006
2008-03-20 17:11 --------- d-----w C:\Programmer\Ubisoft
2008-03-20 08:09 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-16 17:22 --------- d-----w C:\Programmer\Stellarium
2008-03-16 16:57 --------- d-----w C:\Programmer\NCH Software
2008-03-15 15:27 --------- d-----w C:\Programmer\Juice
2008-03-15 13:21 --------- d-----w C:\Programmer\iTunes
2008-03-15 13:21 --------- d-----w C:\Programmer\iPod
2008-03-15 13:16 --------- d-----w C:\Programmer\QuickTime Alternative
2008-03-14 15:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-03-14 15:23 --------- d-----w C:\Programmer\IVT Corporation
2008-03-13 21:11 75,248 ----a-w C:\WINDOWS\zllsputility.exe
2008-03-13 21:11 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2008-03-12 11:10 633,344 ------w C:\WINDOWS\system32\gpprefcl.dll
2008-03-11 16:11 --------- d-----w C:\Programmer\West Point Bridge Designer 2007
2008-03-10 17:29 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-03-10 17:28 --------- d-----w C:\Programmer\Fælles filer\Skype
2008-03-10 17:25 --------- d-----w C:\Programmer\Audacity
2008-03-09 17:31 --------- d-----w C:\Programmer\Windows Live
2008-03-09 17:30 --------- dcsh--w C:\Programmer\Fælles filer\WindowsLiveInstaller
2008-03-09 17:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-03-09 10:12 --------- d-----w C:\Programmer\Microsoft LifeCam
2008-03-09 09:58 --------- d-----w C:\Programmer\Java
2008-03-06 16:40 --------- d-----w C:\Programmer\MonkeyJam
2008-03-06 16:40 --------- d-----w C:\Documents and Settings\AJ\Application Data\MonkeyJam
2008-03-04 14:52 --------- d-----w C:\Documents and Settings\AJ\Application Data\CPS Labs
2008-03-04 14:49 --------- d-----w C:\Programmer\iSpring Free 3
2008-03-04 14:49 --------- d-----w C:\Programmer\Fælles filer\CPS Labs Ltd
2008-03-04 14:37 --------- d-----w C:\Programmer\GeoGebra
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-28 14:51 --------- d-----w C:\Programmer\eRightSoft
2008-02-26 14:22 --------- d-----w C:\Programmer\PhotoFiltre
2008-02-25 16:42 --------- d-----w C:\Programmer\JavaCaR
2008-02-23 07:59 --------- d-----w C:\Programmer\Fælles filer\Real
2008-02-23 07:59 --------- d-----w C:\Programmer\Fælles filer\Adobe
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:37 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-13 08:21 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-02-04 19:26 151,040 --sh--w C:\WINDOWS\system32\VistaUltm.dll
2008-02-04 16:23 693,792 ----a-w C:\WINDOWS\system32\OGACheckControl.DLL
2003-04-17 08:16 447,616 ----a-w C:\WINDOWS\inf\EL2K_N64.sys
2003-04-17 08:15 147,328 ----a-w C:\WINDOWS\inf\EL2K_XP.sys
2003-04-17 08:15 147,200 ----a-w C:\WINDOWS\inf\EL2K_2K.sys
2001-06-04 20:28 187,392 ----a-w C:\Programmer\msiedump.exe
1996-11-16 04:44 269,056 ----a-w C:\Programmer\Avi2Mov.exe
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
2007-12-17 13:43 27,648 --sh--w C:\WINDOWS\system32\Smab0.dll
.
------- Sigcheck -------
2006-04-20 14:18 360576 b2220c618b42a2212a59d91ebd6fc4b4 C:\WINDOWS\$hf_mig$\KB917953\SP2QFE\tcpip.sys
2007-10-30 18:53 360832 64798ecfa43d78c7178375fcdd16d8c8 C:\WINDOWS\$hf_mig$\KB941644\SP2QFE\tcpip.sys
2002-08-29 02:58 332928 244a2f9816bc9b593957281ef577d976 C:\WINDOWS\$NtServicePackUninstall$\tcpip.sys
2004-08-04 00:14 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\$NtUninstallKB917953$\tcpip.sys
2008-01-02 17:54 359808 388520f998df810a7db90af05d1229a4 C:\WINDOWS\$NtUninstallKB941644$\tcpip.sys
2004-08-04 00:14 359040 9f4b36614a0fc234525ba224957de55c C:\WINDOWS\ServicePackFiles\i386\tcpip.sys
2008-04-18 12:05 360064 6192d73be5a9824b26b26dfd4245a70f C:\WINDOWS\system32\dllcache\tcpip.sys
2008-04-18 12:05 360064 6192d73be5a9824b26b26dfd4245a70f C:\WINDOWS\system32\drivers\tcpip.sys
.
((((((((((((((((((((((((((((( snapshot@2008-04-22_15.38.26,81 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-22 13:16:19 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-04-22 14:53:28 2,048 --s-a-w C:\WINDOWS\bootstat.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
2008-04-07 16:16 262144 --a------ C:\Programmer\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Programmer\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL" [2008-04-07 16:16 262144]
[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Programmer\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2008-04-07 16:16 262144]
[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-05-21 22:28 68856]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-26 18:53 15360]
"DAEMON Tools Lite"="C:\Programmer\DAEMON Tools Lite\daemon.exe" [2008-03-21 10:30 486856]
"AlcoholAutomount"="C:\Programmer\Alcohol Soft\Alcohol 120\axcmd.exe" [2007-12-22 09:23 221568]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TCASUTIEXE"="TCAUDIAG.exe" [2003-02-12 11:55 1334784 C:\WINDOWS\system32\TCAUDIAG.EXE]
"Norman ZANDA"="C:\Norman\Npm\bin\ZLH.exe" [2007-08-09 14:39 183352]
"SoundMAXPnP"="C:\Programmer\Analog Devices\SoundMAX\SMax4PNP.exe" [2003-04-04 14:38 774144]
"SoundMAX"="C:\Programmer\Analog Devices\SoundMAX\Smax4.exe" [2003-04-04 14:56 577536]
"Omnipage"="C:\Programmer\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 12:38 49152]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"FineReader7NewsReaderPro"="C:\Programmer\ABBYY FineReader 7.0 Professional Edition\AbbyyNewsReader.exe" [2003-12-10 01:19 278528]
"ATIPTA"="C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2003-06-25 16:30 335872]
"PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2003-12-04 13:34 406016]
"PCLEPCI"="C:\PROGRA~1\Pinnacle\PPE\ppe.exe" [2002-11-04 11:40 32768]
"CloneCDTray"="C:\Programmer\SlySoft\CloneCD\CloneCDTray.exe" [2006-09-28 21:21 57344]
"Acrobat Assistant 8.0"="C:\Programmer\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2006-10-23 00:24 620152]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 19:19 221184]
"LogitechVideoRepair"="C:\Programmer\Logitech\Video\ISStart.exe" [2004-12-14 19:57 458752]
"LogitechVideoTray"="C:\Programmer\Logitech\Video\LogiTray.exe" [2004-12-14 19:51 217088]
"Google Desktop Search"="C:\Programmer\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-30 13:36 1838592]
"OrderReminder"="C:\Programmer\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2006-01-30 18:00 98304]
"LifeCam"="C:\Programmer\Microsoft LifeCam\LifeExp.exe" [2007-05-17 23:45 279912]
"ZoneAlarm Client"="C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-13 23:11 919016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-26 18:53 15360]
"MS System Call Function"="MSSCF32.exe" []
C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\
SMART Board-værktøjer.lnk - C:\Programmer\SMART Technologies Inc\SMART Board Software\SMARTBoardTools.exe [2007-11-02 06:48:46 4519176]
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programmer\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"wdpoefan"= {740FA88D-6927-47C1-8497-906CCF9A37FE} - C:\WINDOWS\wdpoefan.dll [2008-04-21 13:48 212992]
"vadokmxt"= {64D63BCE-0ECD-4945-968E-CA978DF8D832} - C:\WINDOWS\vadokmxt.dll [2008-04-21 13:48 167936]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.I420"= i420vfw.dll
"VIDC.MJPG"= Pvmjpg21.dll
"VIDC.PIM1"= pclepim1.dll
"msacm.PLCMg722"= PLCMg722.acm
"msacm.PLCMg728"= PLCMg728.acm
"msacm.PLCMg729A"= PLCMg729A.acm
"msacm.PLCMsiren"= PLCMsiren.acm
"msacm.lameacm"= LameACM.acm
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Programmer\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Programmer\\Microsoft LifeCam\\LifeCam.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Programmer\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Programmer\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"C:\\Programmer\\iTunes\\iTunes.exe"=
"C:\\Programmer\\Skype\\Phone\\Skype.exe"=
"C:\\Programmer\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"23732:TCP"= 23732:TCP:BitComet 23732 TCP
"23732:UDP"= 23732:UDP:BitComet 23732 UDP
R2 MSCamSvc;MSCamSvc;"C:\Programmer\Microsoft LifeCam\MSCamS32.exe" [2007-05-17 23:45]
R2 Ndiskio;Ndiskio;C:\Norman\Nse\bin\NDISKIO.SYS [2007-01-02 10:55]
R2 tcaicchg;tcaicchg;C:\WINDOWS\System32\tcaicchg.sys [2000-06-06 20:08]
R2 TCAITDI;TCAITDI Protocol;C:\WINDOWS\system32\DRIVERS\TCAITDI.sys [2001-09-04 13:22]
R3 MSHUSBVideo;NX6000/NX3000/VX7000 Filter Driver;C:\WINDOWS\system32\Drivers\nx6000.sys [2007-04-12 23:46]
R3 NvcMFlt;NvcMFlt;C:\WINDOWS\system32\DRIVERS\nvcw32mf.sys [2008-02-11 15:56]
R3 nvcoas;Norman Virus Control on-access component;C:\Norman\Nvc\bin\nvcoas.exe [2007-12-12 12:45]
R3 NVCScheduler;Norman Virus Control Scheduler;C:\Norman\Nvc\BIN\NVCSCHED.EXE [2007-05-23 13:23]
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 23:10]
S3 nvcfsr;nvcfsr;C:\Norman\Nvc\bin\nvcfsr.sys [2007-01-09 15:25]
S3 nvcoafl51;nvcoafl51;C:\Norman\Nvc\bin\nvcoafl51.sys [2007-01-09 15:25]
S3 nvcoaft51;nvcoaft51;C:\Norman\Nvc\bin\nvcoaft51.sys [2007-01-09 15:25]
S3 nvcoarc51;nvcoarc51;C:\Norman\Nvc\bin\nvcoarc51.sys [2007-01-09 15:25]
S3 SMART Web Server;SMART Web Server;"C:\Programmer\SMART Technologies Inc\SMART Board Software\WebServer.exe" [2007-11-02 06:48]
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8D8BB7AA-34B8-4058-85C7-5F750A62BE2D}]
C:\WINDOWS\system32\msiexec.exe /fup {8D8BB7AA-34B8-4058-85C7-5F750A62BE2D} /q
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9E4C88F5-F8EB-45C5-A0B3-08BC50AB9B1E}]
C:\WINDOWS\system32\msiexec.exe /fup {9E4C88F5-F8EB-45C5-A0B3-08BC50AB9B1E} /q
.
Contents of the 'Scheduled Tasks' folder
"2008-03-20 08:51:32 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Programmer\Apple Software Update\SoftwareUpdate.exe
"2008-03-28 17:11:25 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IcePick_exe.job"
- C:\Programmer\Microsoft LifeCam\IcePick.exe
"2008-03-09 10:14:31 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_LifeExp_exe.job"
- C:\Programmer\Microsoft LifeCam\LifeExp.exe
"2008-04-22 14:42:05 C:\WINDOWS\Tasks\Søg efter opdateringer til Windows Live Toolbar.job"
- C:\Programmer\Windows Live Toolbar\MSNTBUP.EXE
"2008-04-22 15:20:00 C:\WINDOWS\Tasks\User_Feed_Synchronization-{87F92270-DA16-474F-B79F-7D4D9E5CF9D3}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-22 17:16:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\wdpoefan.dll
-> C:\WINDOWS\vadokmxt.dll
.
Completion time: 2008-04-22 17:20:47
ComboFix-quarantined-files.txt 2008-04-22 15:20:17
ComboFix2.txt 2008-04-22 13:39:58
Pre-Run: 165,727,298,560 byte ledig
Post-Run: 165,703,666,688 byte ledig
333 --- E O F --- 2008-04-09 15:43:26
SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 04/22/2008 at 03:07 PM
Application Version : 4.0.1154
Core Rules Database Version : 3444
Trace Rules Database Version: 1436
Scan type : Complete Scan
Total Scan Time : 01:05:26
Memory items scanned : 180
Memory threats detected : 0
Registry items scanned : 7627
Registry threats detected : 0
File items scanned : 16767
File threats detected : 13
Desktop Hijacker.AboutYourPrivacy
C:\WINDOWS\privacy_danger\images
C:\WINDOWS\privacy_danger
Adware.Tracking Cookie
C:\Documents and Settings\AJ\Cookies\aj@ads.bleepingcomputer[2].txt
C:\Documents and Settings\AJ\Cookies\aj@adtech[1].txt
C:\Documents and Settings\AJ\Cookies\aj@doubleclick[1].txt
C:\Documents and Settings\AJ\Cookies\aj@mediaplex[1].txt
C:\Documents and Settings\AJ\Cookies\aj@track.adform[1].txt
C:\Documents and Settings\AJ\Cookies\aj@tradedoubler[2].txt
C:\Documents and Settings\AJ\Cookies\aj@tribalfusion[2].txt
Adware.SXGAdvisor-A
C:\SYSTEM VOLUME INFORMATION\_RESTORE{24666A5B-986E-4BE7-809E-E20D50858380}\RP466\A0098737.DLL
Trojan.Unclassified/GTS
C:\SYSTEM VOLUME INFORMATION\_RESTORE{24666A5B-986E-4BE7-809E-E20D50858380}\RP466\A0098738.DLL
Rogue.VirusIsolator
C:\SYSTEM VOLUME INFORMATION\_RESTORE{24666A5B-986E-4BE7-809E-E20D50858380}\RP466\A0098739.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{24666A5B-986E-4BE7-809E-E20D50858380}\RP466\A0098741.EXE
