Vista długo się zamyka

[Slawekbe5]

Witam

Vista długo się zamyka i długo otwiera a cały system pracuje dość wolno. Poniżej logi, proszę o pomoc.

Kod: Zaznacz wszystko

ComboFix 08-08-15.04 - user 2008-08-22 12:57:49.3 - NTFSx86
Microsoft® Windows Vista™ Home Basic   6.0.6001.1.1250.1.1045.18.201 [GMT 2:00]
Running from: C:\aplikacja z internetu\ComboFix.exe
.

(((((((((((((((((((((((((   Files Created from 2008-07-22 to 2008-08-22  )))))))))))))))))))))))))))))))
.

2008-08-22 12:40 . 2008-08-22 12:40   <DIR>   d--------   C:\Program Files\Trend Micro
2008-08-22 10:19 . 2008-08-22 10:19   <DIR>   d--------   C:\PerfLogs
2008-08-21 17:09 . 2008-08-21 17:09   <DIR>   d--------   C:\VundoFix Backups
2008-08-21 16:55 . 2008-08-21 16:55   <DIR>   d--------   C:\Users\All Users\Avira
2008-08-21 16:55 . 2008-08-21 16:55   <DIR>   d--------   C:\ProgramData\Avira
2008-08-21 16:55 . 2008-08-21 16:55   <DIR>   d--------   C:\Program Files\Avira
2008-08-21 13:59 . 2008-08-21 13:59   <DIR>   d--------   C:\Program Files\CCleaner
2008-08-21 08:09 . 2008-08-22 12:43   <DIR>   d--------   C:\aplikacja z internetu
2008-08-17 13:46 . 2008-08-17 13:46   <DIR>   d--------   C:\Program Files\NAVIGO Copernicus
2008-08-17 13:22 . 2008-07-16 03:32   2,048   --a------   C:\Windows\System32\tzres.dll
2008-08-16 16:31 . 2008-06-19 05:31   361,984   --a------   C:\Windows\System32\IPSECSVC.DLL
2008-08-16 16:31 . 2008-01-19 09:36   272,896   --a------   C:\Windows\System32\polstore.dll
2008-08-16 16:31 . 2008-01-19 09:36   61,440   --a------   C:\Windows\System32\winipsec.dll
2008-08-16 16:31 . 2008-01-19 09:34   28,672   --a------   C:\Windows\System32\FwRemoteSvr.dll
2008-08-16 15:00 . 2008-04-18 07:48   269,312   --a------   C:\Windows\System32\es.dll
2008-08-16 14:47 . 2008-06-27 03:55   1,383,424   --a------   C:\Windows\System32\mshtml.tlb
2008-08-16 14:47 . 2008-06-27 06:15   827,392   --a------   C:\Windows\System32\wininet.dll
2008-08-16 14:30 . 2008-04-10 07:12   738,304   --a------   C:\Windows\System32\inetcomm.dll
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\sound
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\scenario
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\savegame
2008-07-29 20:57 . 2008-07-30 10:26   <DIR>   d--------   C:\Users\user\learn
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\help
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\data
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\campaign
2008-07-29 17:33 . 2008-01-19 09:38   4,595,712   --a------   C:\Windows\System32\AuthFWSnapin.dll
2008-07-29 17:32 . 2008-01-19 09:33   8,139,264   --a------   C:\Windows\System32\ssBranded.scr
2008-07-29 17:31 . 2008-01-19 09:35   3,072,000   --a------   C:\Windows\System32\networkmap.dll
2008-07-29 17:30 . 2008-01-19 08:06   8,147,456   --a------   C:\Windows\System32\wmploc.DLL
2008-07-29 17:29 . 2008-01-19 09:33   599,552   --a------   C:\Windows\System32\vsp1cln.exe
2008-07-29 17:29 . 2008-01-05 13:31   145,455   --a------   C:\Windows\System32\perfmon.msc
2008-07-29 17:29 . 2008-01-05 13:22   144,909   --a------   C:\Windows\System32\fsmgmt.msc
2008-07-29 17:29 . 2008-01-05 13:34   15,181   --a------   C:\Windows\System32\gatherWirelessInfo.vbs
2008-07-29 17:29 . 2008-01-05 13:31   3   --a------   C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2008-07-29 17:28 . 2008-01-19 09:36   357,888   --a------   C:\Windows\System32\wbemcomn.dll
2008-07-29 17:27 . 2008-01-19 09:36   704,512   --a------   C:\Windows\System32\SmiEngine.dll
2008-07-29 17:27 . 2008-01-19 09:36   139,264   --a------   C:\Windows\System32\SmiInstaller.dll
2008-07-29 17:26 . 2008-01-19 09:36   218,624   --a------   C:\Windows\System32\wdscore.dll
2008-07-29 17:26 . 2008-01-19 09:33   130,560   --a------   C:\Windows\System32\PkgMgr.exe
2008-07-29 17:24 . 2008-01-19 09:34   305,152   --a------   C:\Windows\System32\msdelta.dll
2008-07-29 17:24 . 2008-01-19 09:34   258,560   --a------   C:\Windows\System32\dpx.dll
2008-07-29 17:24 . 2008-01-19 09:34   246,784   --a------   C:\Windows\System32\drvstore.dll
2008-07-29 17:24 . 2008-01-19 09:35   35,328   --a------   C:\Windows\System32\mspatcha.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-22 08:36   174   --sha-w   C:\Program Files\desktop.ini
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Sidebar
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Photo Gallery
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Mail
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Collaboration
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Calendar
2008-08-22 08:23   ---------   d-----w   C:\Program Files\Windows Defender
2008-08-22 07:32   ---------   d-----w   C:\ProgramData\Microsoft Help
2008-08-21 13:07   ---------   d-----w   C:\Program Files\Symantec
2008-08-21 13:07   ---------   d-----w   C:\Program Files\Common Files\Symantec Shared
2008-08-21 12:22   ---------   d-----w   C:\ProgramData\Symantec
2008-07-29 19:03   ---------   d-----w   C:\Users\user\AppData\Roaming\Corel
2008-07-02 08:25   ---------   d-----w   C:\Program Files\Google
2008-06-27 12:38   ---------   d-----w   C:\Program Files\Java
2008-01-17 04:17   1,226,320   ------w   C:\Users\All Users\pswi_preloaded.exe
2008-01-17 04:17   1,226,320   ------w   C:\ProgramData\pswi_preloaded.exe
1997-09-25 10:48   2,662,400   ------w   C:\Users\user\SETUPENU.DLL
1997-09-25 10:45   32,768   ------w   C:\Users\user\AoEHlp.dll
1997-09-25 10:45   27,136   ------w   C:\Users\user\aelaunch.dll
1997-09-25 10:45   171,520   ------w   C:\Users\user\language.dll
1997-09-25 10:45   1,605,632   ------w   C:\Users\user\Empires.exe
1997-09-24 11:33   32,768   ------w   C:\Users\user\Setup.exe
2008-03-16 10:07   16,384   --sh--w   C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-03-16 10:07   32,768   --sh--w   C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-03-16 10:07   16,384   --sh--w   C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-06-30 17:37 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 14:37 174872]
"FingerPrintSoftware"="C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" [2007-05-31 14:07 946176]
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-11-15 17:21 217176]
"nmapp"="C:\Program Files\Pure Networks\Network Magic\nmapp.exe" [2007-03-14 16:42 321088]
"ACTray"="C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe" [2007-07-05 16:48 419112]
"ACWLIcon"="C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-07-05 16:49 124200]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-01-02 18:07 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-01-02 18:06 166424]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2008-01-02 18:07 133656]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2008-01-19 09:33 227840]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]
"TVT Scheduler Proxy"="C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2007-01-08 21:12 536576]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 04:00 815104]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 13:04 4423680 C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [2007-03-16 09:06 1822720 C:\Windows\SkyTel.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= C:\PROGRA~1\LENOVO~3\Power2Go\CLMP3Enc.ACM

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
backup=C:\Windows\pss\BTTray.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LenovoRegistration.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LenovoRegistration.lnk
backup=C:\Windows\pss\LenovoRegistration.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
--------- 2007-02-01 20:00 439856 C:\Program Files\ThinkVantage\AMSG\Amsg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AwaySch]
--------- 2006-11-07 12:51 91688 C:\Program Files\Lenovo\AwayTask\AwaySch.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CameraApplicationLauncher]
--------- 2007-08-22 18:26 16384 C:\Program Files\Lenovo\Camera Center\bin\CameraApplicationLaunchPadLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
--------- 2006-11-13 12:10 478800 C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
--------- 2007-08-09 12:03 2630968 C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--------- 2006-11-12 12:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--------- 2006-12-05 23:55 54832 C:\Program Files\Lenovo Multimedia Center\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LenovoOobeOffers]
--------- 2007-09-25 21:53 28672 c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
--------- 2007-04-26 19:10 120368 C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMHandler]
--------- 2007-06-05 18:11 34352 C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2006-11-23 16:10 56928 C:\Program Files\Lenovo Multimedia Center\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
--a------ 2008-01-19 09:33 1233920 C:\Program Files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
--------- 2006-12-28 20:48 569344 C:\Windows\vsnp2uvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--------- 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--------- 2008-06-30 17:37 171448 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
--a------ 2008-01-29 17:38 583048 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-10-23 04:00 815104 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
--------- 2007-04-09 20:03 58416 C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPWAUDAP]
--------- 2006-09-06 09:38 54824 C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]
--------- 2007-01-08 21:12 536576 C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{CF8929B3-7355-47A6-8071-9D56B8920E3C}"= C:\Program Files\Lenovo Multimedia Center\PowerDirector Express\PDX.EXE:CyberLink PowerDirector Express
"{7EC3EA10-9CA5-4694-9F52-3CF2F31EE722}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{2F196608-84BA-42F5-9125-9AC616303822}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E98BCD53-1AE1-4BF8-A8FF-92EAA48BF3BC}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080813.001\IDSvix86.sys [2008-05-13 00:27]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\system32\DRIVERS\smiif32.sys [2006-08-30 12:04]
R2 FNF5SVC;Fn+F5 Service;C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe [2007-04-09 03:24]
R2 TPHKSVC;On Screen Display;C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2007-03-02 07:07]
R2 TVT Backup Protection Service;TVT Backup Protection Service;C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-01-08 21:03]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 16:03]
R3 btwaudio;Urz1dzenie dYwiekowe Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 21:46]
R3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 08:20]
R3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 08:20]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\system32\DRIVERS\Tvti2c.sys [2007-05-22 16:59]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork   REG_MULTI_SZ      PLA DPS BFE mpssvc
bthsvcs   REG_MULTI_SZ      BthServ

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\shell\AutoRun\command - D:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05d8308e-2e58-11dd-aa31-001dd9fc8af2}]
\shell\AutoRun\command - D:\USBNB.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c099acd-e44e-11dc-a458-001dd9fc8af2}]
\shell\AutoRun\command - D:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ff5b94aa-e489-11dc-9eb2-001dd9fc8af2}]
\shell\AutoRun\command - D:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ff5b94c2-e489-11dc-9eb2-001dd9fc8af2}]
\shell\AutoRun\command - D:\AutoRun.exe
.
Contents of the 'Scheduled Tasks' folder

2008-08-22 C:\Windows\Tasks\User_Feed_Synchronization-{7EF5CC87-B7E2-45CF-82EB-C3E2E5868936}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\hq1rdkhm.default\


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-22 13:10:45
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-22 13:13:18
ComboFix-quarantined-files.txt  2008-08-22 11:13:09

Pre-Run: 73,200,103,424 bajtów wolnych
Post-Run: 71,692,161,024 bajtów wolnych

224   --- E O F ---   2008-08-22 08:04:19


i

Kod: Zaznacz wszystko

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:40:57, on 2008-08-22
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Pure Networks\Network Magic\nmapp.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start24.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com.pl/0SEPLPL/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: ThinkVantage Password Manager - {F040E541-A427-4CF7-85D8-75E3E0F476C5} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [FingerPrintSoftware] "C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" \s
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [nmapp] "C:\Program Files\Pure Networks\Network Magic\nmapp.exe" -autorun -nosplash
O4 - HKLM\..\Run: [ACTray] C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe
O4 - HKLM\..\Run: [ACWLIcon] C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'USŁUGA SIECIOWA')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij obraz do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Wyślij stronę do urządzenia &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Fn+F5 Service (FNF5SVC) - Lenovo. - C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: IPS Core Service (IPSSVC) - Lenovo Group Limited - C:\Windows\system32\IPSSVC.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Pure Networks Net2Go Service (nmraapache) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
O23 - Service: Pure Networks Network Magic Service (nmservice) - Pure Networks, Inc. - C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
O23 - Service: PMSveH - Lenovo - C:\Program Files\Lenovo\PM Driver\PMSveH.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: System Update (SUService) - Lenovo Group Limited - c:\Program Files\Lenovo\System Update\SUService.exe
O23 - Service: ThinkVantage Registry Monitor Service - Lenovo Group Limited - C:\Program Files\Common Files\Lenovo\tvt_reg_monitor_svc.exe
O23 - Service: On Screen Display (TPHKSVC) - Unknown owner - C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe
O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
O23 - Service: TVT Backup Protection Service - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe
O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - c:\Program Files\Common Files\Lenovo\Scheduler\tvtsched.exe

--
End of file - 9042 bytes


[Dementor]

A moze bys napisał jaka masz konfiguracje kompa +Moc marka zasilacza

[djarta]

1)

Wklej do Notatnika:

Kod: Zaznacz wszystko

Folder::
C:\VundoFix Backups

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{05d8308e-2e58-11dd-aa31-001dd9fc8af2}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3c099acd-e44e-11dc-a458-001dd9fc8af2}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ff5b94aa-e489-11dc-9eb2-001dd9fc8af2}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ff5b94c2-e489-11dc-9eb2-001dd9fc8af2}]


>>Plik>>Zapisz jako... >>> CFScript
Przeciągnij i upuść plik CFScript.txt na plik ComboFix.exe
-->
Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania.
Jeśli pójdzie dobrze, to: Po restarcie usuń ręcznie folder C:\Qoobox.

2)

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA')

>>Hijack>>scan(Do a system scan only)>>zaznacz je >>Fix checked

3)

C:\Windows\system32\msfeedssync.exe

Sprawdź go na --> http://virusscan.jotti.org/
albo na http://www.virustotal.com/en/indexf.html.


============================
K.

[Slawekbe5]

A moze bys napisał jaka masz konfiguracje kompa +Moc marka zasilacza

To jest laptop. Nie mój a znajomego, któremu pojawiły się te objawy. Laptop Lenovo 3000 N200

Dodano Dzisiaj, 13:49:

Ma się rozpocząć usuwanie. (i powstanie log).Daj ten log, który powstanie w trakcie usuwania.

LOG

Kod: Zaznacz wszystko

ComboFix 08-08-15.04 - user 2008-08-22 13:39:46.4 - NTFSx86
Microsoft® Windows Vista™ Home Basic   6.0.6001.1.1250.1.1045.18.138 [GMT 2:00]
Running from: C:\aplikacja z internetu\ComboFix.exe
Command switches used :: C:\Users\user\Desktop\CFScript.txt
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\VundoFix Backups

.
(((((((((((((((((((((((((   Files Created from 2008-07-22 to 2008-08-22  )))))))))))))))))))))))))))))))
.

2008-08-22 12:40 . 2008-08-22 12:40   <DIR>   d--------   C:\Program Files\Trend Micro
2008-08-22 10:19 . 2008-08-22 10:19   <DIR>   d--------   C:\PerfLogs
2008-08-21 16:55 . 2008-08-21 16:55   <DIR>   d--------   C:\Users\All Users\Avira
2008-08-21 16:55 . 2008-08-21 16:55   <DIR>   d--------   C:\ProgramData\Avira
2008-08-21 16:55 . 2008-08-21 16:55   <DIR>   d--------   C:\Program Files\Avira
2008-08-21 13:59 . 2008-08-21 13:59   <DIR>   d--------   C:\Program Files\CCleaner
2008-08-21 08:09 . 2008-08-22 12:43   <DIR>   d--------   C:\aplikacja z internetu
2008-08-17 13:46 . 2008-08-17 13:46   <DIR>   d--------   C:\Program Files\NAVIGO Copernicus
2008-08-17 13:22 . 2008-07-16 03:32   2,048   --a------   C:\Windows\System32\tzres.dll
2008-08-16 16:31 . 2008-06-19 05:31   361,984   --a------   C:\Windows\System32\IPSECSVC.DLL
2008-08-16 16:31 . 2008-01-19 09:36   272,896   --a------   C:\Windows\System32\polstore.dll
2008-08-16 16:31 . 2008-01-19 09:36   61,440   --a------   C:\Windows\System32\winipsec.dll
2008-08-16 16:31 . 2008-01-19 09:34   28,672   --a------   C:\Windows\System32\FwRemoteSvr.dll
2008-08-16 15:00 . 2008-04-18 07:48   269,312   --a------   C:\Windows\System32\es.dll
2008-08-16 14:47 . 2008-06-27 03:55   1,383,424   --a------   C:\Windows\System32\mshtml.tlb
2008-08-16 14:47 . 2008-06-27 06:15   827,392   --a------   C:\Windows\System32\wininet.dll
2008-08-16 14:30 . 2008-04-10 07:12   738,304   --a------   C:\Windows\System32\inetcomm.dll
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\sound
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\scenario
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\savegame
2008-07-29 20:57 . 2008-07-30 10:26   <DIR>   d--------   C:\Users\user\learn
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\help
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\data
2008-07-29 20:57 . 2008-07-29 20:57   <DIR>   d--------   C:\Users\user\campaign
2008-07-29 17:33 . 2008-01-19 09:38   4,595,712   --a------   C:\Windows\System32\AuthFWSnapin.dll
2008-07-29 17:32 . 2008-01-19 09:33   8,139,264   --a------   C:\Windows\System32\ssBranded.scr
2008-07-29 17:31 . 2008-01-19 09:35   3,072,000   --a------   C:\Windows\System32\networkmap.dll
2008-07-29 17:30 . 2008-01-19 08:06   8,147,456   --a------   C:\Windows\System32\wmploc.DLL
2008-07-29 17:29 . 2008-01-19 09:33   599,552   --a------   C:\Windows\System32\vsp1cln.exe
2008-07-29 17:29 . 2008-01-05 13:31   145,455   --a------   C:\Windows\System32\perfmon.msc
2008-07-29 17:29 . 2008-01-05 13:22   144,909   --a------   C:\Windows\System32\fsmgmt.msc
2008-07-29 17:29 . 2008-01-05 13:34   15,181   --a------   C:\Windows\System32\gatherWirelessInfo.vbs
2008-07-29 17:29 . 2008-01-05 13:31   3   --a------   C:\Windows\System32\drivers\MsftWdf_Kernel_01007_Inbox_Critical.Wdf
2008-07-29 17:28 . 2008-01-19 09:36   357,888   --a------   C:\Windows\System32\wbemcomn.dll
2008-07-29 17:27 . 2008-01-19 09:36   704,512   --a------   C:\Windows\System32\SmiEngine.dll
2008-07-29 17:27 . 2008-01-19 09:36   139,264   --a------   C:\Windows\System32\SmiInstaller.dll
2008-07-29 17:26 . 2008-01-19 09:36   218,624   --a------   C:\Windows\System32\wdscore.dll
2008-07-29 17:26 . 2008-01-19 09:33   130,560   --a------   C:\Windows\System32\PkgMgr.exe
2008-07-29 17:24 . 2008-01-19 09:34   305,152   --a------   C:\Windows\System32\msdelta.dll
2008-07-29 17:24 . 2008-01-19 09:34   258,560   --a------   C:\Windows\System32\dpx.dll
2008-07-29 17:24 . 2008-01-19 09:34   246,784   --a------   C:\Windows\System32\drvstore.dll
2008-07-29 17:24 . 2008-01-19 09:35   35,328   --a------   C:\Windows\System32\mspatcha.dll

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-22 08:36   174   --sha-w   C:\Program Files\desktop.ini
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Sidebar
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Photo Gallery
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Mail
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Collaboration
2008-08-22 08:24   ---------   d-----w   C:\Program Files\Windows Calendar
2008-08-22 08:23   ---------   d-----w   C:\Program Files\Windows Defender
2008-08-22 07:32   ---------   d-----w   C:\ProgramData\Microsoft Help
2008-08-21 13:07   ---------   d-----w   C:\Program Files\Symantec
2008-08-21 13:07   ---------   d-----w   C:\Program Files\Common Files\Symantec Shared
2008-08-21 12:22   ---------   d-----w   C:\ProgramData\Symantec
2008-07-29 19:03   ---------   d-----w   C:\Users\user\AppData\Roaming\Corel
2008-07-02 08:25   ---------   d-----w   C:\Program Files\Google
2008-06-27 12:38   ---------   d-----w   C:\Program Files\Java
2008-01-17 04:17   1,226,320   ------w   C:\Users\All Users\pswi_preloaded.exe
2008-01-17 04:17   1,226,320   ------w   C:\ProgramData\pswi_preloaded.exe
1997-09-25 10:48   2,662,400   ------w   C:\Users\user\SETUPENU.DLL
1997-09-25 10:45   32,768   ------w   C:\Users\user\AoEHlp.dll
1997-09-25 10:45   27,136   ------w   C:\Users\user\aelaunch.dll
1997-09-25 10:45   171,520   ------w   C:\Users\user\language.dll
1997-09-25 10:45   1,605,632   ------w   C:\Users\user\Empires.exe
1997-09-24 11:33   32,768   ------w   C:\Users\user\Setup.exe
2008-03-16 10:07   16,384   --sh--w   C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2008-03-16 10:07   32,768   --sh--w   C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2008-03-16 10:07   16,384   --sh--w   C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.

(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-06-30 17:37 171448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 14:37 174872]
"FingerPrintSoftware"="C:\Program Files\Lenovo Fingerprint Software\fpapp.exe" [2007-05-31 14:07 946176]
"DiskeeperSystray"="C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" [2006-11-15 17:21 217176]
"nmapp"="C:\Program Files\Pure Networks\Network Magic\nmapp.exe" [2007-03-14 16:42 321088]
"ACTray"="C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe" [2007-07-05 16:48 419112]
"ACWLIcon"="C:\Program Files\ThinkPad\ConnectUtilities\ACWLIcon.exe" [2007-07-05 16:49 124200]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2008-01-02 18:07 141848]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2008-01-02 18:06 166424]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2008-01-02 18:07 133656]
"MSConfig"="C:\Windows\system32\msconfig.exe" [2008-01-19 09:33 227840]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 14:28 266497]
"TVT Scheduler Proxy"="C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" [2007-01-08 21:12 536576]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 04:00 815104]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 13:04 4423680 C:\Windows\RtHDVCpl.exe]
"Skytel"="Skytel.exe" [2007-03-16 09:06 1822720 C:\Windows\SkyTel.exe]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.clmp3enc"= C:\PROGRA~1\LENOVO~3\Power2Go\CLMP3Enc.ACM

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=C:\Windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Synchronizer.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Synchronizer.lnk
backup=C:\Windows\pss\Adobe Reader Synchronizer.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^BTTray.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BTTray.lnk
backup=C:\Windows\pss\BTTray.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^LenovoRegistration.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LenovoRegistration.lnk
backup=C:\Windows\pss\LenovoRegistration.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AMSG]
--------- 2007-02-01 20:00 439856 C:\Program Files\ThinkVantage\AMSG\Amsg.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AwaySch]
--------- 2006-11-07 12:51 91688 C:\Program Files\Lenovo\AwayTask\AwaySch.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CameraApplicationLauncher]
--------- 2007-08-22 18:26 16384 C:\Program Files\Lenovo\Camera Center\bin\CameraApplicationLaunchPadLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
--------- 2006-11-13 12:10 478800 C:\Program Files\Corel\Corel Snapfire Plus\Corel Photo Downloader.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cssauth]
--------- 2007-08-09 12:03 2630968 C:\Program Files\Lenovo\Client Security Solution\cssauth.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--------- 2006-11-12 12:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LanguageShortcut]
--------- 2006-12-05 23:55 54832 C:\Program Files\Lenovo Multimedia Center\PowerDVD\Language\Language.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LenovoOobeOffers]
--------- 2007-09-25 21:53 28672 c:\SWTOOLS\LenovoWelcome\LenovoOobeOffers.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LPManager]
--------- 2007-04-26 19:10 120368 C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PMHandler]
--------- 2007-06-05 18:11 34352 C:\PROGRA~1\Lenovo\PMDRIV~1\PMHandler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--------- 2006-11-23 16:10 56928 C:\Program Files\Lenovo Multimedia Center\PowerDVD\PDVDServ.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sidebar]
--a------ 2008-01-19 09:33 1233920 C:\Program Files\Windows Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\snp2uvc]
--------- 2006-12-28 20:48 569344 C:\Windows\vsnp2uvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--------- 2008-02-22 04:25 144784 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--------- 2008-06-30 17:37 171448 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec PIF AlertEng]
--a------ 2008-01-29 17:38 583048 C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
--a------ 2006-10-23 04:00 815104 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPFNF7]
--------- 2007-04-09 20:03 58416 C:\Program Files\Lenovo\NPDIRECT\tpfnf7sp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPWAUDAP]
--------- 2006-09-06 09:38 54824 C:\Program Files\Lenovo\HOTKEY\TpWAudAp.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TVT Scheduler Proxy]
--------- 2007-01-08 21:12 536576 C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{CF8929B3-7355-47A6-8071-9D56B8920E3C}"= C:\Program Files\Lenovo Multimedia Center\PowerDirector Express\PDX.EXE:CyberLink PowerDirector Express
"{7EC3EA10-9CA5-4694-9F52-3CF2F31EE722}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{2F196608-84BA-42F5-9125-9AC616303822}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{E98BCD53-1AE1-4BF8-A8FF-92EAA48BF3BC}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080813.001\IDSvix86.sys [2008-05-13 00:27]
R1 lenovo.smi;Lenovo System Interface Driver;C:\Windows\system32\DRIVERS\smiif32.sys [2006-08-30 12:04]
R2 FNF5SVC;Fn+F5 Service;C:\Program Files\LENOVO\HOTKEY\FNF5SVC.exe [2007-04-09 03:24]
R2 TPHKSVC;On Screen Display;C:\Program Files\LENOVO\HOTKEY\TPHKSVC.exe [2007-03-02 07:07]
R2 TVT Backup Protection Service;TVT Backup Protection Service;C:\Program Files\Lenovo\Rescue and Recovery\rrpservice.exe [2007-01-08 21:03]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-02-08 16:03]
R3 btwaudio;Urz1dzenie dYwiekowe Bluetooth;C:\Windows\system32\drivers\btwaudio.sys [2007-03-29 21:46]
R3 btwavdt;Bluetooth AVDT;C:\Windows\system32\drivers\btwavdt.sys [2007-02-27 08:20]
R3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys [2007-02-27 08:20]
R3 TVTI2C;Lenovo SM bus driver;C:\Windows\system32\DRIVERS\Tvti2c.sys [2007-05-22 16:59]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork   REG_MULTI_SZ      PLA DPS BFE mpssvc
bthsvcs   REG_MULTI_SZ      BthServ
.
Contents of the 'Scheduled Tasks' folder

2008-08-22 C:\Windows\Tasks\User_Feed_Synchronization-{7EF5CC87-B7E2-45CF-82EB-C3E2E5868936}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-19 09:33]
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-22 13:43:54
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-08-22 13:46:27
ComboFix-quarantined-files.txt  2008-08-22 11:46:15
ComboFix2.txt  2008-08-22 11:13:20

Pre-Run: 71,133,319,168 bajtów wolnych
Post-Run: 71,093,571,584 bajtów wolnych

216   --- E O F ---   2008-08-22 08:04:19


[djarta]

Plik sprawdzony?

========================
K.

[Slawekbe5]

Zrobiłem wszystko jak pisaliście i co mogłem - skanowanie pr. antywirusowym, czyszczenie ze śmieci. Kompa oddałem koledze - uruchamia i wyłącza się zauważalnie szybciej. Miał sporo śmieci, które zostały po przeglądaniu Internetu.