Please check my logs (Combo and HJT)

klimek1313
posted

The reason? It has just turned 2 years old and has never been checked like this before ;)

HJT

Combo:

Thank you.

I also wanted to post a Silent Runners log, but I can't find the file with the log.

Please give the advice in more detail, in plain terms, step by step, thanks :)

//logs go in code tags, not quote tags

//vocativus

Mateusz J.
comment
O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

Fix it in HijackThis.

By Fix I mean: launch HijackThis => click Do a system scan only => tick the checkbox next to the entry I gave, then click Fix checked.

However, this is only cosmetic.

ComboFix is clean.

I also wanted to post a Silent Runners log, but I can't find the file with the log.
5) Our "log" is in the same location, in a text document named:

Startup Programs; we copy its contents and paste them in TAGS on the forum for checking.

Quoted from the guide http://www.forumpc.pl/index.php?showtopic=11017 .

Just in case, restart System Restore.

Restarting System Restore means turning System Restore off and then on again.

How to do it:

Start => Control Panel => System => System Restore tab => tick Turn off System Restore on all drives => Apply => OK

Then do the same, except that you untick: Turn off System Restore on all drives
