Prosze o pomoc.
Logi z HiJack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:06:11, on 2008-11-06
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\ibmpmsvc.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\windows\system32\spoolsv.exe
C:\WINDOWS\system32\Drivers\trcboot.exe
C:\Program Files\IBM\Personal Communications\PCS_AGNT.EXE
C:\Program Files\IBM\Mobility Client\artstartsvc.exe
C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
C:\Program Files\iPlus\Drivers\driver2k\GTMax3.6\GtDetectSc.exe
C:\Program Files\iPlus\Drivers\driver2k\GTMax3.6\GtFlashSwitch.exe
C:\Program Files\c4ebreg\c4ebreg.exe
C:\windows\system32\cmd.exe
c:\sdwork\issimsvc.exe
C:\notes\ntmulti.exe
C:\Program Files\AT&T Network Client\NetCfgSv.EXE
C:\windows\System32\QCONSVC.EXE
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\IBM\tivoli\dcd\client\ISSI_jvm\jre\bin\java.exe
c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
C:\windows\system32\svchost.exe
C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
C:\windows\System32\TPHDEXLG.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\Drivers\ldlcserv.exe
C:\windows\system32\Ati2evxx.exe
C:\windows\Explorer.EXE
C:\windows\TEMP\4AA1.tmp
C:\Program Files\IBM\Personal Communications\tpam.exe
C:\Program Files\c4ebreg\isamtray.exe
C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
C:\windows\system32\RunDll32.exe
C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
C:\windows\system32\rundll32.exe
C:\windows\system32\TpShocks.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\Program Files\IBM\IPM Client Migration Utility\ipmcmu.exe
C:\windows\system32\rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.common_1.3.14\pmonmh.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exe
C:\Program Files\IBM\Sametime Connect\sametime.exe
C:\PROGRA~1\IBM\SAMETI~1\jre\bin\sametime75.exe
C:\Program Files\IBM\Mobility Client\artcore.exe
C:\Program Files\IBM\Mobility Client\artifdown.exe
C:\Program Files\IBM\Mobility Client\toolbar.exe
C:\Program Files\IBM\Mobility Client\artbcast.exe
C:\notes\NLNOTES.EXE
C:\notes\ntaskldr.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://w3.ibm.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = newproxy.diageo.com:80
F2 - REG:system.ini: UserInit=C:\windows\system32\userinit.exe
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM…\Run: [Tpam.exe] “C:\Program Files\IBM\Personal Communications\tpam.exe”
O4 - HKLM…\Run: [iSAMTray] “C:\Program Files\c4ebreg\isamtray.exe”
O4 - HKLM…\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM…\Run: [bMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM…\Run: [bMMLREF] C:\Program Files\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM…\Run: [bMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM…\Run: [bLOG] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
O4 - HKLM…\Run: [synTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM…\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM…\Run: [TP4EX] tp4ex.exe
O4 - HKLM…\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM…\Run: [TpShocks] TpShocks.exe
O4 - HKLM…\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM…\Run: [iSSI EZUpdate Service] “c:\sdwork\issimsvc.exe”
O4 - HKLM…\Run: [RescueRecoverySetPW] c:\sdwork\Rescue&RecoverySetPW.lnk
O4 - HKLM…\Run: [ipmcmu] c:\Program Files\IBM\IPM Client Migration Utility\ipmcmu.exe “c:\Program Files\IBM\IPM Client Migration Utility”
O4 - HKLM…\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,BluetoothAuthenticationAgent
O4 - HKLM…\Run: [defergui] c:/sdwork/defergui.exe
O4 - HKLM…\Run: [stgclean] c:\sdwork\w32main2.exe /cleanup
O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime
O4 - HKLM…\Run: [C4EBReg] “C:\Program Files\c4ebreg\c4ebreg.exe” /q
O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM…\Run: [pmonmh] C:\Program Files\IBM\My Help\workspace…\plugins\com.ibm.myhelp.common_1.3.14/pmonmh.exe
O4 - HKLM…\Run: [iPlusManager] C:\Program Files\iPlus\iPlusChecker.exe
O4 - HKLM…\Run: [rs32net] C:\windows\System32\rs32net.exe
O4 - HKLM…\Run: [Ad Muncher] “C:\Program Files\Ad Muncher\AdMunch.exe” /bt
O4 - HKCU…\Run: [PC Suite Tray] “C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe” -onlytray
O4 - HKCU…\Run: [assistant2] “C:\Program Files\VoiceRite\Client\Viewer.exe” /minimize
O4 - HKUS\S-1-5-18…\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O9 - Extra ‘Tools’ menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth Software\btsendto_ie.htm
O14 - IERESET.INF: START_PAGE_URL=http://w3.ibm.com
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://pccheckup.dellfix.com/sdccommon/ … gctlcm.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - https://www-1.ibm.com/qp2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus … nicode.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar … vSniff.cab
O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - https://www-307.ibm.com/pc/support/acce … /AcpIR.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar … /cabsa.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://193.69.140.40/activex/AMC.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-95dd781fd1053707.spaces.live … nPUpld.cab
O16 - DPF: {9519B2A2-6592-4E41-8290-D0298459270C} (LNWebAssist Class) - http://w3.ibm.com/bluepages/scripts/lnwebassist.cab
O16 - DPF: {A4B28810-11A2-4956-82D1-B2DCBA4B2AFD} (gpwsx.plugin) - http://w3.ibm.com/tools/print/plugin/gpwsx.cab
O17 - HKLM\System\CCS\Services\Tcpip…{24B8749E-6097-4E2E-9296-FEBF66F3FE23}: NameServer = 85.255.116.71,85.255.112.63
O17 - HKLM\System\CCS\Services\Tcpip…{C6EB7AB0-6A1E-492F-AC55-761951376B41}: NameServer = 85.255.116.71,85.255.112.63
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = ibm.com,
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.116.71 85.255.112.63
O17 - HKLM\System\CS1\Services\Tcpip…{24B8749E-6097-4E2E-9296-FEBF66F3FE23}: NameServer = 85.255.116.71,85.255.112.63
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = ibm.com,
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.116.71 85.255.112.63
O23 - Service: AppnNode - IBM Corporation - C:\WINDOWS\system32\Drivers\appnnode.exe
O23 - Service: Mobility Client (ArtourService) - IBM - C:\Program Files\IBM\Mobility Client\artsvc.exe
O23 - Service: IBM Mobility Client Start Utility (artstartsvc) - Unknown owner - C:\Program Files\IBM\Mobility Client\artstartsvc.exe
O23 - Service: Microsoft ASPI Manager (aspimgr) - Unknown owner - C:\windows\system32\aspimgr.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\windows\system32\Ati2evxx.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Serwer apletów JDBC DB2 (DB2JDS) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2jds.exe
O23 - Service: Serwer ochrony DB2 (DB2NTSECSERVER) - International Business Machines Corporation - C:\Program Files\IBM\SQLLIB\BIN\db2sec.exe
O23 - Service: IBM DCD Standard Client (DCDClient-ISSI) (DCDClient-ISSI) - Unknown owner - C:\Program Files\IBM\tivoli\dcd\client\ISSI\cds\CDSWinSrv.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\DefWatch.exe
O23 - Service: GtDetectSc Service (GtDetectSc) - OptionNV - C:\Program Files\iPlus\Drivers\driver2k\GTMax3.6\GtDetectSc.exe
O23 - Service: GtFlashSwitch Service (GtFlashSwitch) - Option - C:\Program Files\iPlus\Drivers\driver2k\GTMax3.6\GtFlashSwitch.exe
O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\windows\system32\ibmpmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: IBM Standard Asset Manager Service (ISAMSvc) - IBM Corp. - C:\Program Files\c4ebreg\c4ebreg.exe
O23 - Service: ISSI EZUpdate (ISSIMon) - IBM Corp. - c:\sdwork\issimsvc.exe
O23 - Service: IS Service (ISSVC) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\ISSVC.exe
O23 - Service: IBM Enterprise Extender (ldlcserv) - IBM Corporation - C:\WINDOWS\system32\Drivers\ldlcserv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Multi-user Cleanup Service - IBM Corp - C:\notes\ntmulti.exe
O23 - Service: My Help (MyHelp) - Unknown owner - C:\Program Files\IBM\My Help\plugins\com.ibm.myhelp.installer\service\MyHelpService.exe (file missing)
O23 - Service: Network Configuration Service (NetCfgSvr) - AT&T - C:\Program Files\AT&T Network Client\NetCfgSv.EXE
O23 - Service: QCONSVC - IBM Corp. - C:\windows\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: SAVRoam (SavRoam) - symantec - c:\Program Files\Symantec Client Security\Symantec AntiVirus\SavRoam.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec AntiVirus\Rtvscan.exe
O23 - Service: Symantec SecurePort (SymSecurePort) - Symantec Corporation - C:\Program Files\Symantec Client Security\Symantec Client Firewall\SymSPort.exe
O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\windows\System32\TPHDEXLG.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
O23 - Service: IBM Trace Facility (TrcBoot) - IBM Corporation - C:\WINDOWS\system32\Drivers\trcboot.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
–
End of file - 14706 bytes
co wywalic??