Wolny komp, wolny internet, wolne uruchamianie

Proszę o sprawdzenie loga

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 20:29:09, on 2007-10-06

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Cisco Systems\CSAgent\bin\CSAControl.exe

C:\Program Files\Cisco Systems\CSAgent\bin\leventmgr.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

C:\program files\marimba\tuner\Tuner.exe

C:\Program Files\Symantec AntiVirus\DefWatch.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Symantec AntiVirus\SavRoam.exe

C:\WINDOWS\System32\snmp.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Symantec AntiVirus\Rtvscan.exe

C:\Program Files\Control F1 Corporation\TConnect\Customer.exe

C:\WINDOWS\System32\TPHDEXLG.EXE

C:\WINDOWS\system32\TpKmpSVC.exe

C:\Program Files\UltraVNC\WinVNC.exe

C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\PROGRA~1\SYMANT~1\VPTray.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Sharp\Sharpdesk\SharpTray.exe

C:\Program Files\Sharp\Sharpdesk\FtpServer.exe

C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe

C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Sharp\Sharpdesk\nsapp.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\Microsoft ActiveSync\Wcescomm.exe

C:\Program Files\Cisco Systems\CSAgent\bin\okclient.exe

C:\PROGRA~1\MI3AA1~1\rapimgr.exe

C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.ibm.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://proxya.fsbp.com:80

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.248.78.*;10.12.7.*;169.254.94.*;0.1.0.*;127.0.0.*;192.168.90.*;10.22.5.*

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe

O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC.exe" -servicehelper

O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [SharpTray] "C:\Program Files\Sharp\Sharpdesk\SharpTray.exe"

O4 - HKLM\..\Run: [TypeRegChecker] "C:\Program Files\Sharp\Sharpdesk\TypeRegChecker.exe"

O4 - HKLM\..\Run: [FtpServer.exe] "C:\Program Files\Sharp\Sharpdesk\FtpServer.exe" -usedefault

O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup

O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9

O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')

O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')

O4 - Global Startup: Cisco Security Agent.lnk = ?

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll

O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {01110A81-3E00-11D2-8470-0060089874ED} (Support.com - Control Command Class) - file://C:\Progra~1\VHD\tgcmd.cab

O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - file://C:\Progra~1\VHD\tgctlsi.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1174988192426

O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - file://C:\Progra~1\VHD\IbmEgath.cab

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = FSBP.com

O17 - HKLM\Software\..\Telephony: DomainName = FSBP.com

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = FSBP.com

O20 - AppInit_DLLs: csauser.dll

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

O20 - Winlogon Notify: rovalogn - C:\WINDOWS\system32\rovalogn.dll

O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe

O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: BFDPTuner - Marimba, Inc. - C:\program files\marimba\tuner\Tuner.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Cisco Security Agent (CSAgent) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\CSAgent\bin\CSAControl.exe

O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe

O23 - Service: Contivity VPN Service (ExtranetAccess) - Nortel Networks NA, Inc. - C:\Program Files\Nortel Networks\Extranet_serv.exe

O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe

O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

O23 - Service: TConnect Service (TConnect) - Control-F1 Corporation - C:\Program Files\Control F1 Corporation\TConnect\Customer.exe

O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE

O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

O23 - Service: VNC Server (winvnc) - UltraVNC - C:\Program Files\UltraVNC\WinVNC.exe


--

End of file - 8850 bytes

Złączono Posta : 06.10.2007 (Sob) 20:42

sprawdzi ktoś ?

Według mnie to do wywalenia te wpisy

O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O20 - Winlogon Notify: ACNotify - ACNotify.dll (file missing)

Ten wpis programem L2Mfix http://komputery.katalogi.pl/temat69833/

Z autostartu też bym usunęła co nieco, jak np.

O4 - HKLM…\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"

Tu poczytaj o zbędnikach w autostarcie

http://cybertrash.netarteria.pl/cyber/i … 378.0.html

Poczekaj jeszcze może ktoś się zlituje i odpowie bardziej fachowo.

Daj log z ComboFix