r e k l a m a
Zaloguj się, aby obserwować  
Obserwujący 0
Monczkin

Odziedziczony komputer - czyszczenie systemu

Witam.

Odziedziczyłem w pracy komputer. Przeleciałem go kilkoma programami. Wywaliłem między innymi:

Alexa Related

Sumom.A

Altnet

CDilla

CommonName

Cydoor

eUniverse.UpdMgr

GAIN.DashBar

GAIN.Gator

KeenValue.PerfectNav

MyWay.MyBar

Obawiam się, że to nie wszystko :/

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:37:09, on 2007-08-29

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\WINNT\system32\DRIVERS\CDANTSRV.EXE

C:\WINNT\System32\svchost.exe

C:\win32app\ingr\ipshare\clntutil\bin\pidrpcs.exe

C:\win32app\ingr\ipshare\prntserv\nqs_serv.exe

C:\win32app\ingr\ipshare\ipserver\bin\ipsrvd.exe

c:\orant\bin\oracle73.exe

C:\WINNT\system32\regsvc.exe

C:\Program Files\Common Files\Intergraph\RIS05.05\BIN\RISTCPSR.EXE

C:\WINNT\system32\MSTask.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Common Files\BullGuard\BullGuard Communicator\xcommsvr.exe

c:\orant\bin\strtdb73.exe

C:\Program Files\Common Files\BullGuard\BullGuard Scan Server\bdss.exe

C:\Program Files\BullGuard\vsserv.exe

C:\Program Files\ESRI\License\arcgis9x\lmgrd.exe

C:\Program Files\ESRI\License\arcgis9x\ARCGIS.EXE

C:\WINNT\Explorer.EXE

C:\WINNT\gtwatch.exe

C:\WINNT\system32\hkcmd.exe

C:\WINNT\system32\igfxpers.exe

C:\WINNT\system32\internat.exe

C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

C:\Program Files\Netscape\Navigator 9\navigator.exe

C:\Program Files\WapSter\WapSter AQQ\AQQ.exe

C:\Program Files\Programs\coreldrw.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://od.pgi.gov.pl/ODPIG.htm

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcworld.pl

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: (no name) - {0428FFC7-1931-45b7-95CB-3CBB919777E1} - (no file)

O2 - BHO: (no name) - {0428FFC7-1931-45b7-95CB-3CBB919777E1} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [Gtwatch] C:\WINNT\gtwatch.exe

O4 - HKLM\..\Run: [igfxtray] C:\WINNT\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxhkcmd] C:\WINNT\system32\hkcmd.exe

O4 - HKLM\..\Run: [igfxpers] C:\WINNT\system32\igfxpers.exe

O4 - HKCU\..\Run: [internat.exe] internat.exe

O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe

O4 - HKUS\.DEFAULT\..\RunOnce: [^SetupICWDesktop] C:\Program Files\Internet Explorer\Connection Wizard\icwconn1.exe /desktop (User 'Default user')

O4 - Global Startup: tworzenie_dysku_M.bat

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O12 - Plugin for .fpx: C:\Program Files\Internet Explorer\PLUGINS\NPRVRT34.dll

O12 - Plugin for .ivr: C:\Program Files\Internet Explorer\PLUGINS\NPRVRT34.dll

O14 - IERESET.INF: START_PAGE_URL=http://www.pcworld.pl

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = pgi.gov.pl

O17 - HKLM\System\CCS\Services\Tcpip\..\{4E620CF9-6F61-4DA2-8B7D-63B80767036E}: Domain = pgi.gov.pl

O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = pgi.gov.pl

O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = pgi.gov.pl

O23 - Service: ArcGIS License Manager - Unknown owner - C:\Program Files\ESRI\License\arcgis9x\lmgrd.exe

O23 - Service: ArcGIS_83 - Unknown owner - C:\INSTALLS\ArcGIS\lmgrd.exe (file missing)

O23 - Service: BullGuard Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\BullGuard\BullGuard Scan Server\bdss.exe

O23 - Service: Bonjour Service - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINNT\system32\DRIVERS\CDANTSRV.EXE

O23 - Service: Usługa administracyjna Menedżera dysków logicznych (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: Intergraph DOS Plot Service - Unknown owner - C:\win32app\ingr\ipshare\ipserver\bin\pc_dmn.exe

O23 - Service: Intergraph IMF Printer Driver Service - Unknown owner - C:\win32app\ingr\ipshare\clntutil\bin\pidrpcs.exe

O23 - Service: Intergraph NQS Listener - Intergraph Corporation - C:\win32app\ingr\ipshare\prntserv\nqs_serv.exe

O23 - Service: Intergraph Plotter Information Service - Unknown owner - C:\win32app\ingr\ipshare\ipserver\bin\ipsrvd.exe

O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: OracleServiceORCL - Oracle Corporation - c:\orant\bin\oracle73.exe

O23 - Service: OracleStartORCL - Unknown owner - c:\orant\bin\strtdb73.exe

O23 - Service: OracleWWWListener80 - Unknown owner - x†\BIN\WWWLSNR.EXE (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe

O23 - Service: RIStcpsrService - Intergraph Corporation - C:\Program Files\Common Files\Intergraph\RIS05.05\BIN\RISTCPSR.EXE

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

O23 - Service: BullGuard Virus Shield (VSSERV) - Unknown owner - C:\Program Files\BullGuard\vsserv.exe

O23 - Service: BullGuard Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\BullGuard\BullGuard Communicator\xcommsvr.exe

--

End of file - 6359 bytes

Udostępnij ten post


Link to postu
Udostępnij na innych stronach
R3 - URLSearchHook: (no name) - {0428FFC7-1931-45b7-95CB-3CBB919777E1} - (no file)

O2 - BHO: (no name) - {0428FFC7-1931-45b7-95CB-3CBB919777E1} - (no file)

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -

usuń wpisy HJT

Skaner Online + wynik - http://www.eset.pl/onlinescan

Udostępnij ten post


Link to postu
Udostępnij na innych stronach
r e k l a m a

Zaloguj się, aby skomentować

Będziesz mógł dodać komentarz po zalogowaniu sięZaloguj się
Zaloguj się, aby obserwować  
Obserwujący 0