
WinPC Defender, how do I get rid of it???

10.04.09, 21:00
Help!!!
--
"There's only one decent man there: the prosecutor, and even he,
to tell the truth, is a swine." Dead Souls, M.W.Gogol

forum.gazeta.pl/forum/71,1.html?f=25097
 • Guest: Kolobos IP: *.zask.pl 10.04.09, 22:05
  Post a ComboFix log; read the pinned topic first!
 • hansgrubber 14.05.09, 18:12
  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 18:04:38, on 2009-05-14
  Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
  Boot mode: Normal

  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\System32\Ati2evxx.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\System32\S24EvMon.exe
  C:\WINDOWS\system32\Ati2evxx.exe
  C:\WINDOWS\Explorer.EXE
  C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
  C:\WINDOWS\system32\PnkBstrA.exe
  C:\WINDOWS\System32\RegSrvc.exe
  C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\websrvx\websrvx.exe
  C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
  C:\WINDOWS\AGRSMMSG.exe
  C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
  C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
  C:\Program Files\Sony Ericsson\Mobile2\Application
  Launcher\Application Launcher.exe
  C:\windows\pp06.exe
  C:\windows\freddy42.exe
  C:\WINDOWS\system32\ctfmon.exe
  C:\Program Files\Messenger\msmsgs.exe
  C:\Program
  Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  C:\Documents and Settings\Administrator\Dane aplikacji\pcdefender.exe
  C:\WINDOWS\system32\rundll32.exe
  C:\WINDOWS\system32\dll32.exe
  C:\WINDOWS\system32\DL32.exe
  C:\WINDOWS\system32\SYS32DLL.exe
  C:\Program Files\IBM\Bluetooth Software\BTTray.exe
  C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\WINDOWS\system32\wuauclt.exe
  C:\Program Files\Common Files\Teleca Shared\Generic.exe
  C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
  C:\Program Files\Skype\Phone\Skype.exe
  C:\Program Files\Skype\Plugin Manager\skypePM.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Documents and Settings\Administrator\Ustawienia lokalne\Temporary
  Internet Files\Content.IE5\8ZMBIXY5\hijackthis[1].exe

  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
  www.google.pl/
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
  Settings,ProxyServer = http=localhost:7171
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
  Settings,ProxyOverride = *.local;<local>
  R0 - HKCU\Software\Microsoft\Internet
  Explorer\Toolbar,LinksFolderName = Łącza
  O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-
  784B7D6BE0B3} - C:\Program Files\Common
  Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
  O2 - BHO: IEocx Class - {06ec6572-7280-485a-a712-c380526bc048} -
  C:\WINDOWS\ieocx.dll
  O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-
  A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet
  Explorer\SkypeIEPlugin.dll
  O2 - BHO: 219198 helper - {5B452B01-12C9-4286-81D9-2308AEB3CD94} -
  (no file)
  O2 - BHO: 218538 helper - {5E5EFA8F-9F53-418E-B78E-44866667A404} -
  C:\WINDOWS\system32\218538\218538.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
  C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-
  CF10577473F7} - C:\Program Files\Google\Google
  Toolbar\GoogleToolbar.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-
  CE66B5AD205D} - C:\Program
  Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
  O2 - BHO: 179223 helper - {B3FA56CF-B3F9-4328-9802-CFAACEA86646} -
  C:\WINDOWS\system32\179223\179223.dll
  O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-
  BB24-76C02E2E7C4E} - C:\Program Files\Google\Google
  Toolbar\Component\fastsearch_A8904FB862BD9564.dll
  O2 - BHO: 796525 helper - {E7F15AC4-E0A9-43F0-921B-70DFEA621220} -
  C:\WINDOWS\system32\796525\796525.dll
  O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-
  009027A5CD4F} - C:\Program Files\Google\Google
  Toolbar\GoogleToolbar.dll
  O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog
  Devices\SoundMAX\SMax4PNP.exe
  O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog
  Devices\SoundMAX\Smax4.exe /tray
  O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
  O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
  O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI
  Control Panel\atiptaxx.exe
  O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [RemoteControl] "C:\Program
  Files\CyberLink\PowerDVD\PDVDServ.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
  Files\Java\jre1.6.0_03\bin\jusched.exe"
  O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program
  Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
  O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony
  Ericsson\Mobile2\Application Launcher\Application
  Launcher.exe" /startoptions
  O4 - HKLM\..\Run: [sysldtray] C:\windows\ld06.exe
  O4 - HKLM\..\Run: [pp] C:\windows\pp06.exe
  O4 - HKLM\..\Run: [sysfbtray] C:\windows\freddy42.exe
  O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep
  0 -k
  O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
  O4 - HKCU\..\Run: [MSMSGS] "C:\Program
  Files\Messenger\msmsgs.exe" /background
  O4 - HKCU\..\Run: [swg] C:\Program
  Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  O4 - HKCU\..\Run: [sysav] C:\Documents and
  Settings\Administrator\Dane aplikacji\pcdefender.exe
  O4 - HKCU\..\Run: [dll] rundll32 dll32,sm
  O4 - HKCU\..\Run: [dll32] dll32
  O4 - HKCU\..\Run: [DL32] DL32
  O4 - HKCU\..\Run: [SYS32DLL] SYS32DLL
  O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32
  \CTFMON.EXE (User 'USŁUGA LOKALNA')
  O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32
  \CTFMON.EXE (User 'USŁUGA SIECIOWA')
  O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32
  \CTFMON.EXE (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32
  \CTFMON.EXE (User 'Default user')
  O4 - Global Startup: BTTray.lnk = ?
  O4 - Global Startup: Program sieciowy dla SAGEM Wi-Fi 11g USB
  adapter.lnk = ?
  O8 - Extra context menu item: Send To &Bluetooth - C:\Program
  Files\IBM\Bluetooth Software\btsendto_ie_ctx.htm
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
  00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-
  AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
  O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -
  C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
  O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-
  5C8D4460577F} - C:\Program Files\IBM\Bluetooth
  Software\btsendto_ie.htm
  O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-
  9331-5C8D4460577F} - C:\Program Files\IBM\Bluetooth
  Software\btsendto_ie.htm
  O9 - Extra button: Software Installer - {D1A4DEBD-C2EE-449f-B9FB-
  E8409F9A0BC5} - C:\Program Files\Lenovo\PkgMgr\\PkgMgr.exe
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-
  00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-
  BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
  O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) -
  www-
  307.ibm.com/pc/support/access/aslibmain/content/AcpIR.cab
  O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl
  Class) -
  www.update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1185917377855
  O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
  C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
  O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B71
 • hansgrubber 14.05.09, 18:16
  cont'd

  O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} -
  C:\Program Files\Google\Google
  Toolbar\Component\fastsearch_A8904FB862BD9564.dll
  O20 - Winlogon Notify: winrpc32 - C:\WINDOWS\SYSTEM32\winrpc32.dll
  O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft -
  C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
  O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
  C:\WINDOWS\System32\Ati2evxx.exe
  O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. -
  C:\Program Files\IBM\Bluetooth Software\bin\btwdins.exe
  O23 - Service: Google Software Updater (gusvc) - Google - C:\Program
  Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
  Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150
  \Intel 32\IDriverT.exe
  O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32
  \PnkBstrA.exe
  O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32
  \RegSrvc.exe
  O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel
  Corporation - C:\WINDOWS\System32\S24EvMon.exe
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC
  Connectivity Solution\ServiceLayer.exe
  O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service
  (default)) - Analog Devices, Inc. - C:\Program Files\Analog
  Devices\SoundMAX\SMAgent.exe
  O23 - Service: websrvx - Unknown owner - C:\Program
  Files\websrvx\websrvx.exe

  --
  End of file - 9083 bytes


  I hope I did everything right. Please help, and
  regards. h
 • Guest: Kolobos IP: *.zask.pl 14.05.09, 19:14
  Why are you replying after a month if you can't read?! You were supposed to put the ComboFix log on wklej.org and give the link, not paste a HijackThis log into the post body.
 • hansgrubber 26.06.09, 21:54
  I confirm my inability by reading your kind reply. :)
  May I ask you for help?
 • Guest: Kolobos IP: *.zask.pl 28.06.09, 00:07
  I have already helped you enough - I gave you everything you need! All that's left is for you to do what I wrote (or not).
