
Logfile of HijackThis v1.98.2 - Anonymous

Your log looks clean. Every running process and autostart entry belongs to Windows, Symantec AntiVirus, the Sygate firewall or HP/Compaq corporate software; the proxy (web-proxy.corp.hp.com) and the O17 DNS domain and search-list entries (cpqcorp.net, hpqcorp.net) are consistent with an HP corporate build rather than a hijack; and the O16 ActiveX controls come from Microsoft, Trend Micro, HP and Yahoo. The following entries are uncommon software; apart from smc.exe, uninstall them if you do not use them regularly:

  • GhostTyp.exe (Typing Tools from sc-data.de)
  • clarify.exe (a small wrapper that runs a batch file each time the user clicks the Clarify Software desktop icon)
  • JabberMessenger.exe (part of the Jabber, Inc. enterprise instant messaging client)
  • smc.exe (the Sygate Security Agent, the firewall component of Sygate Secure Enterprise; it is started by the SmcService Run entry and should be left in place on a managed corporate machine)

Original Log Posted:

Scan saved at 8:41:28, on 26-11-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SSA\smc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec AntiVirus\DefWatch.exe
C:\Program Files\Symantec AntiVirus\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Symantec AntiVirus\Rtvscan.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett-Packard\PC COE\IDA.EXE
C:\WINDOWS\System32\HpMmKbd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\PROGRA~1\SYMANT~1\VPTray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Jabber\Messenger\JabberMessenger.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\SC-Data\GhostTyperXML\GhostTyp.exe
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\WFMClient5.1_P.04.08.160\clarify\clarify.exe
C:\Program Files\Hewlett-Packard\HP ProCurve FIDO\OpCodeGen.exe
C:\Documents and Settings\Tomul\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = website: planet.nl/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = web-proxy.corp.hp.com:8088
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [IDA] C:\Program Files\Hewlett-Packard\PC COE\IDA.EXE
O4 - HKLM\..\Run: [HpMmKbd] HpMmKbd.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SSA\smc.exe -startgui
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Jabber Messenger] C:\Program Files\Jabber\Messenger\JabberMessenger.exe -hidden
O4 - Global Startup: GhostTyperXML.lnk = C:\Program Files\SC-Data\GhostTyperXML\GhostTyp.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Gelijkwaardige pagina's - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Koppelingspagina's - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Opgeslagen momentopname van de pagina - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - website: v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098256376230
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - website: housecall.trendmicro-europe.com/housecall/Xscan53.cab
O16 - DPF: {A1BFBE93-8D91-427C-965B-72088CFAADF4} (CCertificateDelete Object) - https://hppkis01.can.hp.com/userweb/vscertdel.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - website: us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = emea.cpqcorp.net
O17 - HKLM\Software\..\Telephony: DomainName = emea.cpqcorp.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = emea.cpqcorp.net
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = EMEA.cpqcorp.net,EMEA.hpqcorp.net,hpqcorp.net,cpqcorp.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = emea.cpqcorp.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = EMEA.cpqcorp.net,EMEA.hpqcorp.net,hpqcorp.net,cpqcorp.net
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = EMEA.cpqcorp.net,EMEA.hpqcorp.net,hpqcorp.net,cpqcorp.net
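The verdict above was reached by reading each R/O entry and asking whether the host, path or domain it points at is explained by the machine's environment. The script below is an added example of that triage done mechanically; it is not part of the original page and not HijackThis code. It parses R0/R1, O4, O16 and O17 lines from a constructed sample log (loosely modelled on the one above, with full http:// URLs in place of the page's "website:" stand-ins and one hypothetical malicious Run entry added so the rules have something to fire on) and scores them against an assumed policy for an HP corporate host: a set of trusted DNS suffixes, a list of system binary names that must only live in System32, and user-writable path fragments. TRUSTED_SUFFIXES, SYSTEM_NAMES and USER_WRITABLE are assumptions, not values from the page.

```python
import re
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlparse

# Constructed sample in HijackThis v1.98 line format. Not the page's log
# verbatim: the page's log has no Temp\svchost.exe entry; it is added here
# only to show a "high" finding.
SAMPLE_LOG = """\
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.planet.nl/
R1 - HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings,ProxyServer = web-proxy.corp.hp.com:8088
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\\program files\\google\\googletoolbar1.dll
O4 - HKLM\\..\\Run: [SmcService] C:\\PROGRA~1\\Sygate\\SSA\\smc.exe -startgui
O4 - HKLM\\..\\Run: [HpMmKbd] HpMmKbd.exe
O4 - HKCU\\..\\Run: [svchost] C:\\DOCUME~1\\Tomul\\LOCALS~1\\Temp\\svchost.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/wuweb_site.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: Domain = emea.cpqcorp.net
O17 - HKLM\\System\\CCS\\Services\\Tcpip\\Parameters: SearchList = EMEA.cpqcorp.net,EMEA.hpqcorp.net
"""

# Assumed policy for this host (an HP corporate build). A host outside these
# suffixes is not "bad", just not yet explained and therefore worth a look.
TRUSTED_SUFFIXES = ("hp.com", "cpqcorp.net", "hpqcorp.net",
                    "microsoft.com", "trendmicro-europe.com")
# Names that legitimately exist only under System32; the same name elsewhere
# is a classic disguise for an autostart implant.
SYSTEM_NAMES = {"svchost.exe", "lsass.exe", "csrss.exe",
                "winlogon.exe", "smss.exe", "services.exe"}
# Path fragments (short and long form) that an unprivileged user can write to.
USER_WRITABLE = ("\\temp\\", "\\documents and settings\\",
                 "\\docume~1\\", "\\locals~1\\")


@dataclass
class Finding:
    severity: str   # "high", "review" or "info"
    section: str    # HijackThis section code, e.g. "O4"
    reason: str
    line: str


def host_trusted(host: str) -> bool:
    """Exact match or proper subdomain of a trusted suffix (no 'evilhp.com')."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in TRUSTED_SUFFIXES)


def host_of(url_or_hostport: str) -> str:
    """O16 carries a URL; R0/R1 values may be a bare host:port without scheme."""
    s = url_or_hostport.strip()
    parsed = urlparse(s if "://" in s else "http://" + s)
    return (parsed.hostname or "").lower()


def triage_line(line: str) -> Optional[Finding]:
    m = re.match(r"^([RO]\d+) - (.*)$", line.strip())
    if not m:
        return None          # process list, headers, blank lines
    section, body = m.group(1), m.group(2)

    if section in ("R0", "R1") and ("Start Page" in body or "ProxyServer" in body):
        value = body.split("=", 1)[1].strip()
        if not host_trusted(host_of(value)):
            sev = "review" if section == "R1" else "info"
            return Finding(sev, section, f"browser setting points outside trusted domains: {value}", line)

    elif section == "O4":
        # "[name] command"; the command may be quoted or contain unquoted spaces,
        # so cut at the first executable extension rather than the first space.
        m4 = re.search(r"\[(.+?)\]\s*\"?(.*?\.(?:exe|com|bat|scr|pif))", body, re.I)
        if not m4:
            return None
        exe = m4.group(2)
        low = exe.lower()
        name = low.rsplit("\\", 1)[-1]
        if name in SYSTEM_NAMES and "\\system32\\" not in low:
            return Finding("high", section, f"system binary name outside System32: {exe}", line)
        if any(w in low for w in USER_WRITABLE):
            return Finding("high", section, f"autorun from user-writable location: {exe}", line)
        if "\\" not in low:
            return Finding("info", section, f"unqualified path, resolved via PATH search: {exe}", line)

    elif section == "O16":
        url = body.rsplit(" - ", 1)[-1]
        h = host_of(url)
        if not host_trusted(h):
            return Finding("review", section, f"ActiveX control downloaded from unlisted host: {h}", line)

    elif section == "O17":
        value = body.split("=", 1)[1]
        bad = [d.strip() for d in value.split(",") if d.strip() and not host_trusted(d.strip())]
        if bad:
            return Finding("high", section, f"DNS domain/suffix not in corporate set: {','.join(bad)}", line)
    return None


def triage(log_text: str) -> List[Finding]:
    return [f for f in (triage_line(l) for l in log_text.splitlines()) if f]


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.severity:6} {f.section:4} {f.reason}")
```

On the sample this yields one "info" for the ISP start page, one "info" for the bare HpMmKbd.exe (a Run entry without a path is resolved through the PATH search order, so it is worth confirming where it actually lives), one "high" for the svchost.exe in Temp, and one "review" for the Yahoo cab; the Sygate, Google, Windows Update and cpqcorp.net entries produce nothing, which is exactly the reasoning behind the "looks clean" verdict. "Review" findings are the ones an analyst turns into the "uncommon software" list.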