julkaisyn
03.02.05, 21:31
Logfile of HijackThis v1.99.0
Scan saved at 21:30:40, on 2005-02-03
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.ex e
C:\WINDOWS\system32\services.ex e
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.ex e
C:\WINDOWS\System32\hkcmd.exe
C:\Program\Java\j2re1.4.2_03\bi n\jusched.exe
C:\Program\iTunes\iTunesHelper. exe
C:\Program\QuickTime\qttask.exe
C:\Program\Synaptics\SynTP\SynT PLpr.exe
C:\Program\Synaptics\SynTP\SynT PEnh.exe
C:\Program\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.ex e
C:\Program\Delade filer\Symantec Shared\ccApp.exe
C:\Program\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program\HP\HP Software Update\HPWuSchd2.exe
C:\Program\Messenger\msmsgs.exe
C:\Program\Skype\Phone\Skype.ex e
C:\Program\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program\Norton AntiVirus\navapsvc.exe
C:\Program\Norton AntiVirus\SAVScan.exe
C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program\Ulead Systems\Ulead Photo Express 4.0 My Custom
Edition\CalCheck.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
C:\Program\iPod\bin\iPodService .exe
C:\Program\HPQ\SHARED\HPQWMI.ex e
C:\Program\MSN\MSNCoreFiles\msn 6.exe
C:\Program\Gadu-Gadu\gg.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Documents and Settings\KAMILA ADAMSKA\Skrivbord\HijackThis.ex e
R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
www.onet.pl/
R1 - HKLM\Software\Microsoft\Interne t Explorer\Main,Default_Page_URL =
start.tele2.se
R1 - HKCU\Software\Microsoft\Interne t Connection Wizard,ShellNext =
www.hp.com/
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Window Title = Microsoft
Internet Explorer - Tele2
R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e =
Länkar
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper .ocx
O2 - BHO: CSBrBHO - {96DA5BEE-4ACC-476C-B3EC-54C673 0C4293} -
C:\Program\Comet\Install\Temp\b rbho.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B 084872} -
C:\Program\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF 00B1D6} -
C:\Program\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.ex e
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\j2re1.4.2_03
\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper. exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.ex e" -
atboottime
O4 - HKLM\..\Run: [UpdateManager] "C:\Program\Delade filer\Sonic\Update
Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program\Synaptics\SynTP\SynT PLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program\Synaptics\SynTP\SynT PEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program\HP\Digital
Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program\HP\HP Share-to-
Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program\HP\{45B6180B-DCAB-40 93-8EE8-
6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.ex e
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program\HPQ\Quick Launch
Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HP Software Update] "C:\Program\HP\HP Software
Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] "C:\Program\Common
Files\Onet.pl\NewAutoUpdate.exe " /updateexetsr
O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.ex e" /background
O4 - HKCU\..\Run:
[Skype] "C:\Program\Skype\Phone\Skype.e xe" /nosplash /minimized
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital
Imaging\bin\hpqtra08.exe
O4 - Global Startup: Ulead Photo Express Calendar Checker For My Custom
Edition.lnk = C:\Program\Ulead Systems\Ulead Photo Express 4.0 My Custom
Edition\CalCheck.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C 608501} -
C:\Program\Java\j2re1.4.2_03\bi n\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program\Java\j2re1.4.2_03\bi n\npjpi142_03.dll
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89 F1AC7A} -
C:\Program\IrfanView\Ebay\Ebay. htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F 795683} -
C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=start.tele2.se
O23 - Service: Symantec Event Manager - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Gear-säkerhetstjänster - GEAR Software - C:\WINDOWS\System32
\gearsec.exe
O23 - Service: HP WMI Interface - Hewlett Packard Company -
C:\Program\HPQ\SHARED\HPQWMI.ex e
O23 - Service: iPod-tjänst - Apple Computer, Inc. -
C:\Program\iPod\bin\iPodService .exe
O23 - Service: Norton AntiVirus Auto Protect-tjänst - Symantec Corporation -
C:\Program\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program\Norton
AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation -
C:\Program\DELADE~1\SYMANT~1\SC RIPT~1\SBServ.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Program\Delade
filer\Symantec Shared\Security Center\SymWSC.exe