Proszę o sprawdzenie loga
Logfile of HijackThis v1.99.1
Scan saved at 18:38:15, on 2006–03–16
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ArcaVir\Bin\NetMonSv.exe
C:\Program Files\ArcaVir\Bin\avmonsv.exe
C:\Program Files\Hmonitor\hmonitor.exe
C:\Program Files\ArcaVir\Bin\ABmenu.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\oodag.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\NetMeter\NetMeter.exe
C:\Program Files\ArcaVir\Bin\arcascan.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTC07.EXE
C:\Program Files\Opera8\Opera.exe
C:\Program Files\TC PowerPack\totalcmd.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tsi.tychy.pl:8080
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{20EC3D2D–33C1–4C9D–BC37–C2D500688DA2} – (no file)
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {206E52E0–D52E–11D4–AD54–0000E86C26F6} – C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: (no name) – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – (no file)
O3 – Toolbar: FreshDownload Bar – {ED0E8CA5–42FB–4B18–997B–769E0408E79D} – C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [hmonitor] C:\Program Files\Hmonitor\hmonitor.exe
O4 – HKLM\..\Run: [ABmenu] C:\Program Files\ArcaVir\Bin\ABmenu.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe –startup
O4 – HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 – HKLM\..\Run: [ABREGMON] C:\Program Files\ArcaVir\Bin\ABregmon.exe
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 – HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: FreshDownload – {F925858B–B2B2–4631–A267–D43DAEBD1AAC} – C:\Program Files\FreshDevices\FreshDownload\fd.exe
O16 – DPF: {11260943–421B–11D0–8EAC–0000C07D88CF} (iPIX ActiveX Control) – http://www.ipix.com/viewers/ipixx.cab
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{ABD20F53–2B54–424F–B655–9324E194E6E8}: NameServer = 83.142.120.242
O23 – Service: ArcaBit NetMonitor (ABNetMon) – ArcaBit sp. z o.o. – C:\Program Files\ArcaVir\Bin\NetMonSv.exe
O23 – Service: ArcaVir Monitor (ArcaMonSvc) – ArcaBit – C:\Program Files\ArcaVir\Bin\avmonsv.exe
O23 – Service: ArcaScan – ArcaBit – C:\Program Files\ArcaVir\Bin\arcascan.exe
O23 – Service: arcaserv – ArcaBit Sp. z o. o. – C:\Program Files\ArcaVir\bin\arcaserv.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 – Service: iolo System Guard (IOLO_SRV) – Unknown owner – C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe (file missing)
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: O&O Defrag – O&O Software GmbH – C:\WINDOWS\System32\oodag.exe
O23 – Service: PMounter – Unknown owner – C:\WINDOWS\system32\PMounter.exe
O23 – Service: StyleXPService – Unknown owner – C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 – Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) – TuneUp Software GmbH – C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 – Service: XIGNQOXM – Unknown owner – C:\DOCUME~1\Irek\USTAWI~1\Temp\XIGNQOXM.exe (file missing)
Strasznie mam zamulony PC,prawie ciągle pracuje dysk,cokolwiek otwieram to uruchamia się bardzo długo.Mam AcaVira i przeskanowany komp,jest czysty ,tak wynika z antywira.
Nie mogę tego usunąć:
O23 – Service: iolo System Guard (IOLO_SRV) – Unknown owner – C:\Program Files\iolo\System Mechanic
Odpowiedzi: 3
Dzięki za pomoc,usługę juź usunąłem.
Aktualny log,proszę o sprawdzenie.
Aktualny log,proszę o sprawdzenie.
Logfile of HijackThis v1.99.1
Scan saved at 14:46:03, on 2006–03–17
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hmonitor\hmonitor.exe
C:\Program Files\ArcaVir\Bin\ABmenu.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\ArcaVir\Bin\avmonsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\oodag.exe
C:\Program Files\ArcaVir\Bin\arcascan.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe
C:\Program Files\NetMeter\NetMeter.exe
C:\Program Files\Opera8\Opera.exe
C:\Program Files\ArcaVir\Bin\NetMonSv.exe
C:\Program Files\TC PowerPack\totalcmd.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HijackThis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tsi.tychy.pl:8080
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {206E52E0–D52E–11D4–AD54–0000E86C26F6} – C:\PROGRA~1\FRESHD~1\FRESHD~1\fdcatch.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: (no name) – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – (no file)
O3 – Toolbar: FreshDownload Bar – {ED0E8CA5–42FB–4B18–997B–769E0408E79D} – C:\PROGRA~1\FRESHD~1\FRESHD~1\fdiebar.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [hmonitor] C:\Program Files\Hmonitor\hmonitor.exe
O4 – HKLM\..\Run: [ABmenu] C:\Program Files\ArcaVir\Bin\ABmenu.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe –startup
O4 – HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 – HKLM\..\Run: [ABREGMON] C:\Program Files\ArcaVir\Bin\ABregmon.exe
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe" autostart
O4 – HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: FreshDownload – {F925858B–B2B2–4631–A267–D43DAEBD1AAC} – C:\Program Files\FreshDevices\FreshDownload\fd.exe
O16 – DPF: {11260943–421B–11D0–8EAC–0000C07D88CF} (iPIX ActiveX Control) – http://www.ipix.com/viewers/ipixx.cab
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{ABD20F53–2B54–424F–B655–9324E194E6E8}: NameServer = 83.142.120.242
O23 – Service: ArcaBit NetMonitor (ABNetMon) – ArcaBit sp. z o.o. – C:\Program Files\ArcaVir\Bin\NetMonSv.exe
O23 – Service: ArcaVir Monitor (ArcaMonSvc) – ArcaBit – C:\Program Files\ArcaVir\Bin\avmonsv.exe
O23 – Service: ArcaScan – ArcaBit – C:\Program Files\ArcaVir\Bin\arcascan.exe
O23 – Service: arcaserv – ArcaBit Sp. z o. o. – C:\Program Files\ArcaVir\bin\arcaserv.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: O&O Defrag – O&O Software GmbH – C:\WINDOWS\System32\oodag.exe
O23 – Service: PMounter – Unknown owner – C:\WINDOWS\system32\PMounter.exe
O23 – Service: StyleXPService – Unknown owner – C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 – Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) – TuneUp Software GmbH – C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
ZYCHI:
Nie mogę tego usunąć:
O23 – Service: iolo System Guard (IOLO_SRV) – Unknown owner – C:\Program Files\iolo\System Mechanic
Bo to usługa. Jak usunąć usługe korzystająć z HIjackThis masz opisane w przyklejonym FAQ tego działu – pkt 7
Co to ten XIGNQOXM.exe jako usluga ?
Po co Ci te wszystkie memoptimizery, hmonitory ?
Usun recznie w rejestrze "_{20EC3D2D–33C1–4C9D–BC37–C2D500688DA2}" widoczne tu:
R3 – URLSearchHook: (no name) – _{20EC3D2D–33C1–4C9D–BC37–C2D500688DA2} – (no file)
Tego mozesz sie rowniez pozbyc:
O4 – HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe –startup
Po co Ci te wszystkie memoptimizery, hmonitory ?
Usun recznie w rejestrze "_{20EC3D2D–33C1–4C9D–BC37–C2D500688DA2}" widoczne tu:
R3 – URLSearchHook: (no name) – _{20EC3D2D–33C1–4C9D–BC37–C2D500688DA2} – (no file)
Tego mozesz sie rowniez pozbyc:
O4 – HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe –startup
Strona 1 / 1