Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.orgDatabase version: 8398
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
19-12-2011 18:43:05
mbam-log-2011-12-19 (18-43-05).txt
Skanningstype: Fuldstændig skanning (C:\|D:\|E:\|)
Objekter skannet: 202498
Tid gået: 39 minut(ter), 40 sekund(er)
Hukommelses Processorer Inficeret: 0
Hukommelses Moduler Inficeret: 0
Registreringsdatabasenøgler Inficeret: 0
Registreringsdatabaseværdier Inficeret: 0
Registreringsdatabasedata Objekter Inficeret: 0
Inficerede Mapper: 0
Inficerede Filer: 0
Hukommelses Processorer Inficeret:
(Ingen skadelige objekter blev fundet)
Hukommelses Moduler Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabasenøgler Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabaseværdier Inficeret:
(Ingen skadelige objekter blev fundet)
Registreringsdatabasedata Objekter Inficeret:
(Ingen skadelige objekter blev fundet)
Inficerede Mapper:
(Ingen skadelige objekter blev fundet)
Inficerede Filer:
(Ingen skadelige objekter blev fundet)
***************************************************
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:58:45, on 19-12-2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Google\Gmail Notifier\gnotify.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Fælles filer\Java\Java Update\jusched.exe
C:\Programmer\Fighters\SPAMfighter\sfagent.exe
C:\Programmer\AVAST Software\Avast\avastUI.exe
C:\Programmer\HTC\HTC Sync 3.0\htcUPCTLoader.exe
C:\Programmer\Fælles filer\Spigot\Search Settings\SearchSettings.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Nils\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe
C:\Programmer\Creative\Software Update 3\SoftAuto.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Application Updater\ApplicationUpdater.exe
C:\WINDOWS\system32\sistray.exe
C:\Programmer\Creative\Shared Files\CTDevSrv.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\HTC\Internet Pass-Through\PassThruSvr.exe
C:\Programmer\Fighters\SPAMfighter\sfus.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fighters\FighterSuiteService.exe
C:\Documents and Settings\Nils\Lokale indstillinger\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nils\Lokale indstillinger\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nils\Lokale indstillinger\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Nils\Lokale indstillinger\Application Data\Google\Chrome\Application\chrome.exe
C:\Programmer\Malwarebytes' Anti-Malware\mbam.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Nils\Dokumenter\Downloads\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bigseekpro.com/videodownloadtoolbar/{7A10E482-7079-4DC0-80FC-5FF963B8CC47}R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.bigseekpro.com/videodownloadtoolbar/{7A10E482-7079-4DC0-80FC-5FF963B8CC47}R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programmer\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O2 - BHO: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programmer\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Programmer\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: QuickStores-Toolbar - {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - mscoree.dll (file missing)
O3 - Toolbar: YouTube Downloader Toolbar - {F3FEE66E-E034-436a-86E4-9690573BEE8A} - C:\Programmer\YouTube Downloader Toolbar\IE\4.9\youtubedownloaderToolbarIE.dll
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Programmer\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [sfagent] C:\Programmer\Fighters\SPAMfighter\sfagent.exe
O4 - HKLM\..\Run: [avast] "C:\Programmer\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [HTC Sync Loader] "C:\Programmer\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
O4 - HKLM\..\Run: [SearchSettings] "C:\Programmer\Fælles filer\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Programmer\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Nils\Lokale indstillinger\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Programmer\Creative\Software Update 3\SoftAuto.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Genvej til husk.lnk = C:\Documents and Settings\Nils\Dokumenter\Skriveprojekter\Forfattermappe\husk.txt
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver -
res://C:\WINDOWS\system32\GPhotos.scr/200O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O15 - Trusted Zone:
http://*.danid.dkO15 - Trusted Zone:
http://*.danid.dk (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1299280467933O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO23 - Service: Application Updater - Spigot, Inc. - C:\Programmer\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Programmer\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Programmer\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Programmer\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google
Hej karise_larry
Her er de to logs.
Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Programmer\HTC\Internet Pass-Through\PassThruSvr.exe
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Programmer\Fighters\SPAMfighter\sfus.exe
O23 - Service: Suite Service - SPAMfighter ApS - C:\Programmer\Fighters\FighterSuiteService.exe
--
End of file - 8786 bytes