Z gory dziekuje i pozdrawiam!

Ilona

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:11:58, on 2008-07-15

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16674)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe

C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Lenovo\PM Driver\PMSveH.exe

C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe

C:\WINDOWS\system32\svchost.exe

c:\program files\lenovo\system update\suservice.exe

C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe

C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

C:\Program Files\Common Files\Lenovo\Logger\logmon.exe

C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe

C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe

C:\WINDOWS\AGRSMMSG.exe

C:\WINDOWS\system32\WLTRAY.exe

C:\WINDOWS\system32\hkcmd.exe

C:\WINDOWS\system32\igfxpers.exe

C:\WINDOWS\vsnp2std.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Panda Software\Panda Antivirus 2007\apvxdwin.exe

C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe

C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

C:\Program Files\ThinkVantage\AMSG\Amsg.exe

C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Windows Media Player\WMPNSCFG.exe

C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe

c:\program files\panda software\panda antivirus 2007\WebProxy.exe

C:\PROGRA~1\Lenovo\BLUETO~1\BTSTAC~1.EXE

C:\Program Files\Gadu-Gadu\gg.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll

O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM…\Run: [TPHOTKEY] C:\Program Files\Lenovo\HOTKEY\TPHKMGR.exe

O4 - HKLM…\Run: [TPWAUDAP] C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe

O4 - HKLM…\Run: [PMHandler] C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe

O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM…\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe

O4 - HKLM…\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM…\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM…\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM…\Run: [snp2std] C:\WINDOWS\vsnp2std.exe

O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM…\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM…\Run: [iSUSScheduler] “C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start

O4 - HKLM…\Run: [LPManager] C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe

O4 - HKLM…\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

O4 - HKLM…\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe

O4 - HKLM…\Run: [cssauth] “C:\Program Files\Lenovo\Client Security Solution\cssauth.exe” silent

O4 - HKLM…\Run: [APVXDWIN] “C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE” /s

O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BTTray.lnk = ?

O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Wyślij do urządzenia &Bluetooth… - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cab

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s … wflash.cab

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\bin\btwdins.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe

O23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PM Driver\PMSveH.exe

O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe

O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe

O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe

O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe

O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

–

End of file - 9267 bytes

Ja nie widzę nic podejrzanego.

Jeśli podejrzewasz infekcję daj log z -----> ComboFix

Pzdr KJB

Bardzo dziekuje! skoro nie ma nic podejrzanego to dalsze sprawdzanie sobie odpuszcze. Pozdrawiam!

Ja na twoim miejscu bym sobie nie odpuszczał, bo w hijackthis nie widać wszystkiego, więc daj nawet dla profilaktyki log z combofix

Przeczytaj te tematy i popraw tytuł oraz posta z logiem.

viewtopic.php?f=16&t=66889

viewtopic.php?f=16&t=253052

Zapoznaj się z regulaminem forum, w przeciwnym razie zostaną wyciągnięte konsekwencje.