WinPC Defender how do I get rid of it???

10.04.09, 21:00
Help!!!
--
"There is only one decent man there: the prosecutor, and even he,
to tell the truth, is a swine." Dead Souls, M.W.Gogol

forum.gazeta.pl/forum/71,1.html?f=25097
  • Guest: Kolobos IP: *.zask.pl 10.04.09, 22:05
    Post a ComboFix log, and read the pinned topic first!
  • hansgrubber 14.05.09, 18:12
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:04:38, on 2009-05-14
    Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\S24EvMon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\System32\RegSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\websrvx\websrvx.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application
    Launcher\Application Launcher.exe
    C:\windows\pp06.exe
    C:\windows\freddy42.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program
    Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Documents and Settings\Administrator\Dane aplikacji\pcdefender.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\dll32.exe
    C:\WINDOWS\system32\DL32.exe
    C:\WINDOWS\system32\SYS32DLL.exe
    C:\Program Files\IBM\Bluetooth Software\BTTray.exe
    C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Administrator\Ustawienia lokalne\Temporary
    Internet Files\Content.IE5\8ZMBIXY5\hijackthis[1].exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    www.google.pl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    Settings,ProxyServer = http=localhost:7171
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    Settings,ProxyOverride = *.local;<local>
    R0 - HKCU\Software\Microsoft\Internet
    Explorer\Toolbar,LinksFolderName = Łącza
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-
    784B7D6BE0B3} - C:\Program Files\Common
    Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: IEocx Class - {06ec6572-7280-485a-a712-c380526bc048} -
    C:\WINDOWS\ieocx.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-
    A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet
    Explorer\SkypeIEPlugin.dll
    O2 - BHO: 219198 helper - {5B452B01-12C9-4286-81D9-2308AEB3CD94} -
    (no file)
    O2 - BHO: 218538 helper - {5E5EFA8F-9F53-418E-B78E-44866667A404} -
    C:\WINDOWS\system32\218538\218538.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
    C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-
    CF10577473F7} - C:\Program Files\Google\Google
    Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-
    CE66B5AD205D} - C:\Program
    Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
    O2 - BHO: 179223 helper - {B3FA56CF-B3F9-4328-9802-CFAACEA86646} -
    C:\WINDOWS\system32\179223\179223.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-
    BB24-76C02E2E7C4E} - C:\Program Files\Google\Google
    Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O2 - BHO: 796525 helper - {E7F15AC4-E0A9-43F0-921B-70DFEA621220} -
    C:\WINDOWS\system32\796525\796525.dll
    O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-
    009027A5CD4F} - C:\Program Files\Google\Google
    Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog
    Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog
    Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI
    Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program
    Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
    Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
    Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony
    Ericsson\Mobile2\Application Launcher\Application
    Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [sysldtray] C:\windows\ld06.exe
    O4 - HKLM\..\Run: [pp] C:\windows\pp06.exe
    O4 - HKLM\..\Run: [sysfbtray] C:\windows\freddy42.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep
    0 -k
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program
    Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program
    Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [sysav] C:\Documents and
    Settings\Administrator\Dane aplikacji\pcdefender.exe
    O4 - HKCU\..\Run: [dll] rundll32 dll32,sm
    O4 - HKCU\..\Run: [dll32] dll32
    O4 - HKCU\..\Run: [DL32] DL32
    O4 - HKCU\..\Run: [SYS32DLL] SYS32DLL
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32
    \CTFMON.EXE (User 'USŁUGA LOKALNA')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32
    \CTFMON.EXE (User 'USŁUGA SIECIOWA')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32
    \CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32
    \CTFMON.EXE (User 'Default user')
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Program sieciowy dla SAGEM Wi-Fi 11g USB
    adapter.lnk = ?
    O8 - Extra context menu item: Send To &Bluetooth - C:\Program
    Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
    00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-
    AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -
    C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-
    5C8D4460577F} - C:\Program Files\IBM\Bluetooth
    Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-
    9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth
    Software\btsendto_ie.htm
    O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-
    E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-
    00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-
    BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) -
    www-
    307.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl
    Class) -
    www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185917377855
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
    C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B71
  • hansgrubber 14.05.09, 18:16
    cont.

    O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
    C:\Program Files\Google\Google
    Toolbar\Component\fastsearch_A8904FB862BD9564.dll
    O20 - Winlogon Notify: winrpc32 - C:\WINDOWS\SYSTEM32\winrpc32.dll
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft -
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
    C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. -
    C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
    Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
    Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150
    \Intel 32\IDriverT.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32
    \PnkBstrA.exe
    O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32
    \RegSrvc.exe
    O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel
    Corporation - C:\WINDOWS\System32\S24EvMon.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC
    Connectivity Solution\ServiceLayer.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service
    (default)) - Analog Devices, Inc. - C:\Program Files\Analog
    Devices\SoundMAX\SMAgent.exe
    O23 - Service: websrvx - Unknown owner - C:\Program
    Files\websrvx\websrvx.exe

    --
    End of file - 9083 bytes


    I hope I did everything the way it should be done. Please help.
    Regards, h
  • Guest: Kolobos IP: *.zask.pl 14.05.09, 19:14
    Why are you replying after a month if you can't read?! You were supposed to put the ComboFix log on wklej.org and post the link, not paste a HijackThis log into the message body.
  • hansgrubber 26.06.09, 21:54
    I confirm my inability by reading your kind reply. :)
    May I ask you for help?
  • Guest: Kolobos IP: *.zask.pl 28.06.09, 00:07
    I've already helped you enough - I gave you everything you need! All that's left is for you to do what I wrote (or not).
