cid popups etter installasjon av winix

[Dagdriver]

skulle pakke ut noe musikk og var dum nok til å innstallere winix. her er loggene og jeg er takkniemlig for all hjelp!

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 02/07/2008 at 03:30 PM

 

Application Version : 3.9.1008

 

Core Rules Database Version : 3397

Trace Rules Database Version: 1389

 

Scan type : Complete Scan

Total Scan Time : 00:27:53

 

Memory items scanned : 483

Memory threats detected : 0

Registry items scanned : 5852

Registry threats detected : 0

File items scanned : 33794

File threats detected : 5

 

Adware.Tracking Cookie

C:\Documents and Settings\chrjeb\Cookies\chrjeb@interclick[1].txt

C:\Documents and Settings\chrjeb\Cookies\[email protected][2].txt

C:\Documents and Settings\chrjeb\Cookies\[email protected][2].txt

C:\Documents and Settings\chrjeb\Cookies\chrjeb@xiti[1].txt

C:\Documents and Settings\chrjeb\Cookies\[email protected][2].txt

 

 

Logfile of HijackThis v1.99.1

Scan saved at 15:41:05, on 07.02.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Altiris\Altiris Agent\AeXNSAgent.exe

c:\Programfiler\Intel\ASF Agent\ASFAgent.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Programfiler\CyberLink\Shared files\RichVideo.exe

C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\CTHELPER.EXE

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe

C:\Programfiler\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE

C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe

C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe

C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Programfiler\Trend Micro\OfficeScan Client\CNTAoSMgr.exe

C:\Programfiler\PowerISO\PWRISOVM.EXE

C:\WINDOWS\TEMP\EYCA79.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe

C:\Programfiler\Internet Explorer\iexplore.exe

C:\Programfiler\Internet Explorer\IEXPLORE.EXE

C:\Programfiler\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\system32\svchost.exe

C:\Altiris\AClient\AClient.exe

C:\Altiris\AClient\AClntUsr.exe

C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\system32\notepad.exe

C:\Programfiler\Internet Explorer\IEXPLORE.EXE

C:\Program Files\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vg.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O1 - Hosts: 172.16.1.214 urge

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [CTDVDDET] "C:\Programfiler\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [VolPanel] "C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r

O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Programfiler\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [AClntUsr] C:\Altiris\AClient\AClntUsr.EXE

O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AeXAgentLogon] C:\Programfiler\Altiris\Altiris Agent\AeXAgentActivate.exe /logon

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programfiler\PowerISO\PWRISOVM.EXE

O4 - HKLM\..\Run: [Amok Eggs Four Web] C:\Documents and Settings\All Users\Programdata\part dead amok eggs\Bags Remote.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [FourAnte] C:\DOCUME~1\chrjeb\PROGRA~1\AUDIOO~1\Finddashtick.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - Startup: Aller Internt.lnk = C:\Programfiler\Internet Explorer\iexplore.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199965633019

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = allergruppen.no

O17 - HKLM\Software\..\Telephony: DomainName = allergruppen.no

O17 - HKLM\System\CCS\Services\Tcpip\..\{5CB8B130-1828-4884-80B4-BB935A39CCBF}: NameServer = 172.24.3.11,172.23.3.11

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = allergruppen.no

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: AMINIT.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Altiris Client Service (AClient) - Altiris, Inc. - C:\Altiris\AClient\AClient.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Altiris Agent (AeXNSClient) - Altiris, Inc. - C:\Programfiler\Altiris\Altiris Agent\AeXNSAgent.exe

O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - c:\Programfiler\Intel\ASF Agent\ASFAgent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Programfiler\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: RAID Storage Manager Agent (RAIDStorAgent) - Dell - c:\Programfiler\Dell\RAID Storage Manager\StorServ.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programfiler\CyberLink\Shared files\RichVideo.exe

O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe

 

thx

 

christian

Endret 7. februar 2008 av Skagen

[norbat]

Start hjt, velg "Do a system scan only", sett merke framfor følgende linjer og klikk Fix checked:

O4 - HKLM\..\Run: [Amok Eggs Four Web] C:\Documents and Settings\All Users\Programdata\part dead amok eggs\Bags Remote.exe

O4 - HKCU\..\Run: [FourAnte] C:\DOCUME~1\chrjeb\PROGRA~1\AUDIOO~1\Finddashtick.exe

 

 

Hent NoLop.exe, legg det på skrivebordet.

 

Kjør programmet. Trykk "Search and Destroy"-knappen. Hvis den finner noe, bli du bedt om å trykke på Reboot-knappen.

 

 

Bruk utforsker til å finne og slett (i fet) følgende mapper:

C:\Documents and Settings\All Users\Programdata\part dead amok eggs

C:\DOCUME~1\chrjeb\PROGRA~1\AUDIOO~1 (~1 = forkortelse)

 

Post ny hjt-logg og fortell hvordan det går med CiD

[Dagdriver]

Start hjt, velg "Do a system scan only", sett merke framfor følgende linjer og klikk Fix checked:

O4 - HKLM\..\Run: [Amok Eggs Four Web] C:\Documents and Settings\All Users\Programdata\part dead amok eggs\Bags Remote.exe

O4 - HKCU\..\Run: [FourAnte] C:\DOCUME~1\chrjeb\PROGRA~1\AUDIOO~1\Finddashtick.exe

 

 

Hent NoLop.exe, legg det på skrivebordet.

 

Kjør programmet. Trykk "Search and Destroy"-knappen. Hvis den finner noe, bli du bedt om å trykke på Reboot-knappen.

 

 

Bruk utforsker til å finne og slett (i fet) følgende mapper:

C:\Documents and Settings\All Users\Programdata\part dead amok eggs

C:\DOCUME~1\chrjeb\PROGRA~1\AUDIOO~1 (~1 = forkortelse)

 

Post ny hjt-logg og fortell hvordan det går med CiD

 

 

 

Logfile of HijackThis v1.99.1

Scan saved at 09:59:35, on 08.02.2008

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16574)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Altiris\Altiris Agent\AeXNSAgent.exe

c:\Programfiler\Intel\ASF Agent\ASFAgent.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Programfiler\CyberLink\Shared files\RichVideo.exe

C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe

C:\Programfiler\Trend Micro\OfficeScan Client\CNTAoSMgr.exe

C:\WINDOWS\TEMP\VUF602.EXE

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\CTHELPER.EXE

C:\WINDOWS\system32\CTXFIHLP.EXE

C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe

C:\Programfiler\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE

C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe

C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe

C:\WINDOWS\SYSTEM32\CTXFISPI.EXE

C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe

C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe

C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe

C:\Programfiler\PowerISO\PWRISOVM.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe

C:\Altiris\AClient\AClient.exe

C:\Altiris\AClient\AClntUsr.exe

C:\Programfiler\Internet Explorer\iexplore.exe

C:\Program Files\HijackThis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vg.no/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O1 - Hosts: 172.16.1.214 urge

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [CTDVDDET] "C:\Programfiler\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"

O4 - HKLM\..\Run: [VolPanel] "C:\Programfiler\Creative\Sound Blaster X-Fi\Volume Panel\VolPanel.exe" /r

O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Programfiler\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Programfiler\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [AClntUsr] C:\Altiris\AClient\AClntUsr.EXE

O4 - HKLM\..\Run: [OfficeScanNT Monitor] "C:\Programfiler\Trend Micro\OfficeScan Client\pccntmon.exe" -HideWindow

O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programfiler\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [AeXAgentLogon] C:\Programfiler\Altiris\Altiris Agent\AeXAgentActivate.exe /logon

O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Programfiler\PowerISO\PWRISOVM.EXE

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [swg] C:\Programfiler\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe

O4 - Startup: Aller Internt.lnk = C:\Programfiler\Internet Explorer\iexplore.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1199965633019

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = allergruppen.no

O17 - HKLM\Software\..\Telephony: DomainName = allergruppen.no

O17 - HKLM\System\CCS\Services\Tcpip\..\{5CB8B130-1828-4884-80B4-BB935A39CCBF}: NameServer = 172.24.3.11,172.23.3.11

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = allergruppen.no

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O20 - AppInit_DLLs: AMINIT.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Altiris Client Service (AClient) - Altiris, Inc. - C:\Altiris\AClient\AClient.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Altiris Agent (AeXNSClient) - Altiris, Inc. - C:\Programfiler\Altiris\Altiris Agent\AeXNSAgent.exe

O23 - Service: ASF Agent (ASFAgent) - Intel Corporation - c:\Programfiler\Intel\ASF Agent\ASFAgent.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Intel NCS NetService (NetSvc) - Intel® Corporation - c:\Programfiler\Intel\PROSetWired\NCS\Sync\NetSvc.exe

O23 - Service: OfficeScanNT RealTime Scan (ntrtscan) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\ntrtscan.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: RAID Storage Manager Agent (RAIDStorAgent) - Dell - c:\Programfiler\Dell\RAID Storage Manager\StorServ.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programfiler\CyberLink\Shared files\RichVideo.exe

O23 - Service: OfficeScan NT Listener (tmlisten) - Trend Micro Inc. - C:\Programfiler\Trend Micro\OfficeScan Client\tmlisten.exe

 

Det ser ut til å ha hjulpet! Ingen Cids eller Adserver til nå! jeg regnet egentlig med at den part dead aming eggs var noe usunt noe så den fjernet jeg i går!

 

Takk for knallbra hjelp! Dette er et supert opplegg!

 

cj

[norbat]

Fint,

Du kan rense ut temp-filer, enten med hjelp av Tilbehør->systemverktøy->diskopprydding eller CCleaner:

 

Last ned CCleaner. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Under installasjonen velger du vekk Yahoo Toolbar, om du ikke ønsker den.