Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:46:09, on 2010-01-26
Platform: Unknown Windows (WinNT 6.01.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
c:\Program Files\Hewlett-Packard\IAM\Bin\AsGHost.exe
C:\windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\File Sanitizer\CoreShredder.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\windows\system32\igfxsrvc.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Program Files\Brother\Brmfcmon\BrMfimon.exe
C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files\Nowe Gadu-Gadu\gg.exe
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe
C:\Program Files\iPlus\iPlusManager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\windows\system32\taskeng.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=92&bd=all&pf=cmnb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=92&bd=all&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=92&bd=all&pf=cmnb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=pl_PL&c=92&bd=all&pf=cmnb
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - C:\Program
Files\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: Pomocnik rejestracji usługi Windows Live -
{9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common
Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Credential Manager for HP ProtectTools -
{DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program
Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} -
C:\Users\Agnieszka\AppData\Roaming\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: (no name) - {0BF43445-2F28-4351-9252-17FE6E806AA0} - (no file)
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files\Hewlett-Packard\HP Quick
Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage
Manager\iaanotif.exe
O4 - HKLM\..\Run: [acevents] "c:\Program
Files\ActivIdentity\ActivClient\acevents.exe"
O4 - HKLM\..\Run: [accrdsub] "c:\Program
Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools
Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe
c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [PDF Complete] C:\Program Files\PDF Complete\pdfsty.exe
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP
Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [File Sanitizer] C:\Program Files\Hewlett-Packard\File
Sanitizer\CoreShredder.exe
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog
Devices\SoundMAX\soundmax.exe /tray
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe"
-atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AdobeCS4ServiceManager] "C:\Program Files\Common
Files\Adobe\CS4ServiceManager\CS4ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [iPlusManager] C:\Program Files\iPlus\iPlusChecker.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
/AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program
Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common
Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /autoRun (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
(User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows
Sidebar\Sidebar.exe /autoRun (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe
(User 'USŁUGA SIECIOWA')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://c:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... -
C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... -
C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth
Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program
Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth
Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} -
C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O15 - Trusted Zone:
*.mcafee.com (HKLM)
O15 - Trusted Zone:
betavscan.mcafeeasap.com (HKLM)
O15 - Trusted Zone:
vs.mcafeeasap.com (HKLM)
O15 - Trusted Zone:
www.mcafeeasap.com (HKLM)
O15 - ESC Trusted Zone: <a href="
