Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:13:06, on 02-09-2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe
C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\All Users\Application Data\InstallBrainService\ibsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Programmer\Java\jre7\bin\jqs.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe
C:\WINDOWS\System32\svchost.exe
c:\Programmer\Fælles filer\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Programmer\AVG\AVG8\avgcsrvx.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
C:\Documents and Settings\All Users\Application Data\PC Performer Manager\2.2.558.177\{16cdff19-861d-48e3-a751-d99a27784753}\%Protector Process Name%.exe
C:\Programmer\Google\Chrome\Application\chrome.exe
C:\Programmer\Google\Chrome\Application\chrome.exe
C:\Programmer\Google\Chrome\Application\chrome.exe
C:\Programmer\Google\Chrome\Application\chrome.exe
C:\Programmer\Google\Chrome\Application\chrome.exe
C:\Programmer\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\bruger\Dokumenter\Downloads\HijackThis (1).exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://search.babylon.com/?affID=112059&tt=bandext_3312_4&babsrc=HP_ss&mntrId=cc66f91b000000000000000c76931e3a
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Programmer\appbario8\prxtbappb.dll
O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Programmer\BrowserCompanion\jsloader.dll
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Programmer\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: appbario8 - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Programmer\appbario8\prxtbappb.dll
O2 - BHO: CrossriderApp0005060 - {11111111-1111-1111-1111-110011501160} - C:\Programmer\Savings Sidekick\Savings Sidekick.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Programmer\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programmer\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SpecialSavings - {74F475FA-6C75-43BD-AAB9-ECDA6184F600} - C:\Programmer\SpecialSavings\SpecialSavingsSinged.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre7\bin\ssv.dll
O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Programmer\BrowserCompanion\updatebhoWin32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre7\bin\jp2ssv.dll
O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Programmer\Softonic\Softonic\1.6.7.4\bh\Softonic.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Programmer\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: appbario8 Toolbar - {0cc09160-108c-4759-bab1-5c12c216e005} - C:\Programmer\appbario8\prxtbappb.dll
O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Programmer\Softonic\Softonic\1.6.7.4\SoftonicTlbr.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe ARM] "C:\Programmer\Fælles filer\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Programmer\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [APSDaemon] "C:\Programmer\Fælles filer\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Corel File Shell Monitor] c:\Programmer\Corel\Corel PaintShop Photo Pro\X3\PSPClassic\CorelIOMonitor.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Fælles filer\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [MP10_EnsureFileVer] C:\WINDOWS\inf\unregmp2.exe /EnsureFileVersions
O4 - HKLM\..\RunOnce: [WMC_RebootCheck] C:\WINDOWS\inf\unregmp2.exe /FixUps
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Tango] C:\Programmer\Tango\Tango.exe -r
O4 - HKCU\..\Run: [Corel Photo Downloader] "c:\Programmer\Fælles filer\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
O4 - HKCU\..\RunOnce: [WMC_WMPDBExport] C:\Programmer\Windows Media Player\wmdbexport.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: SpecialSavings - {A69A551A-1AAE-4B67-8C2E-52F8B8A19504} - C:\Programmer\SpecialSavings\SpecialSavingsSinged.dll
O9 - Extra button: HP Smart markering - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Programmer\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1345101969546
O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programmer\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programmer\BrowserCompanion\tdataprotocol.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programmer\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Programmer\AVG\AVG8\avgpp.dll
O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Programmer\BrowserCompanion\tdataprotocol.dll
O20 - AppInit_DLLs: c:\docume~1\alluse~1\applic~1\browse~1\22565~1.25\{16cdf~1\browse~1.dll c:\docume~1\alluse~1\applic~1\pcperf~1\22558~1.177\{16cdf~1\%prote~1.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Programmer\Fælles filer\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Browser Manager - Unknown owner - C:\Documents and Settings\All Users\Application Data\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.exe
O23 - Service: Google Update Tjeneste (gupdate) (gupdate) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Tjeneste (gupdatem) (gupdatem) - Google Inc. - C:\Programmer\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallBrain Updater Service (InstallBrainService) - Unknown owner - C:\Documents and Settings\All Users\Application Data\InstallBrainService\ibsvc.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Programmer\Java\jre7\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Performer Manager - Unknown owner - C:\WINDOWS\
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Programmer\Fælles filer\Protexis\License Service\PsiService_2.exe
--
End of file - 11279 bytes