בדיקת log של hijackthis

פורום פורומים פורום תמיכה בתקלות מחשבים בדיקת log של hijackthis

מוצגות 5 תגובות – 1 עד 5 (מתוך 5 סה״כ)
  • מאת
    תגובות
  • 9 בפברואר 2012 בשעה 18:21 #46518
    ארז
    חבר

    אשמח אם תאמרו לי האם המחשב שלי נגוע בוירוס או rootkit זדוני במיוחד כי לאחרונה יותר מדי פעמים משתלטים עליו משתמשים מרחוק שאני לא מזהה ומתקינים לי תוכנות שאני לא רוצה שיהיו מותקנות בו.

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 18:17:30, on 09/02/2012
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16421)
    Boot mode: Normal
    Running processes:
    D:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    D:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Internet Explorer\iexplore.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
    R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 – Hosts: 173.254.70.227 meta.wikimedia.org
    O2 – BHO: Netex Express – {000000A4-5858-4E36-BA5B-FDD80F3D5145} – C:\Program Files (x86)\Netex Express\netextb.dll
    O2 – BHO: IDM Helper – {0055C089-8582-441B-A0BF-17B458C2A3A8} – D:\Program Files\Internet Download Manager\IDMIECC.dll
    O2 – BHO: Password Depot 6 – {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} – "C:\Program Files (x86)\AceBIT\Password Depot 6\pdIEAddOn.dll" (file missing)
    O2 – BHO: URLRedirectionBHO – {B4F3A835-0E21-4959-BA22-42B3008E02FF} – C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL
    O2 – BHO: mako LIVE – {d45171f3-7da8-4d5a-8257-bcb94b9092aa} – C:\Program Files (x86)\mako_LIVE\prxtbmako.dll
    O2 – BHO: Netex Address Bar – {EFAE365E-DB89-4353-A952-EB035103204F} – C:\Program Files (x86)\Netex Express\netexa.dll
    O3 – Toolbar: Netex Express – {000000A4-5858-4E36-BA5B-FDD80F3D5145} – C:\Program Files (x86)\Netex Express\netextb.dll
    O3 – Toolbar: mako LIVE Toolbar – {d45171f3-7da8-4d5a-8257-bcb94b9092aa} – C:\Program Files (x86)\mako_LIVE\prxtbmako.dll
    O4 – HKLM\..\Run: [hpqSRMon] D:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 – HKCU\..\Run: [Facebook Update] "C:\Users\Family\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
    O8 – Extra context menu item: Download all links with IDM – D:\Program Files\Internet Download Manager\IEGetAll.htm
    O8 – Extra context menu item: Download with IDM – D:\Program Files\Internet Download Manager\IEExt.htm
    O8 – Extra context menu item: Translate this web page with Babylon – res://D:\Program Files\Babylon\Utils\BabylonIEPI.dll/ActionTU.htm
    O8 – Extra context menu item: Translate with Babylon – res://D:\Program Files\Babylon\Utils\BabylonIEPI.dll/Action.htm
    O9 – Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 – {0000036B-C524-4050-81A0-243669A86B9F} – C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
    O9 – Extra button: (no name) – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll
    O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0-4FCB-11CF-AAA5-00401C608501} – C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll
    O9 – Extra button: Send to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~2\MI068C~1\Office12\ONBttnIE.dll
    O9 – Extra 'Tools' menuitem: S&end to OneNote – {2670000A-7350-4f3c-8081-5663EE0C6C49} – C:\PROGRA~2\MI068C~1\Office12\ONBttnIE.dll
    O9 – Extra button: מחקר – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
    O9 – Extra button: Password Depot 6 – {9F79B165-70F7-4C46-B1A5-8828E2FF21F9} – "C:\Program Files (x86)\AceBIT\Password Depot 6\PasswordDepot.exe" (file missing)
    O10 – Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O10 – Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
    O11 – Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 – DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) – http://support.asus.com/select/asusTek_sys_ctrl3.cab
    O16 – DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) – http://download.eset.com/special/eos/OnlineScanner.cab
    O16 – DPF: {8D9563A9-8D5F-459B-87F2-BA842255CB9A} (Forefront UAG client components) – https://bar.pelephone.co.il/InternalSite/WhlCompMgr.cab
    O16 – DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) – http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O16 – DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) – https://secure.logmein.com/activex/ractrl.cab?lmi=722
    O17 – HKLM\System\CCS\Services\Tcpip\..\{3897F2B8-2899-429D-9E75-6A37B711ECDF}: NameServer = 212.143.212.143,194.90.1.5,192.168.0.1
    O18 – Protocol: grooveLocalGWS – {88FED34C-F0CA-4636-A375-3CB6248B04CD} – C:\Program Files (x86)\Microsoft Office 2007\Office12\GrooveSystemServices.dll
    O23 – Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) – Unknown owner – C:\Windows\System32\alg.exe (file missing)
    O23 – Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @appmgmts.dll,-3250 (AppMgmt) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Computer Browser (Browser) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Offline Files (CscService) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @oleres.dll,-5012 (DcomLaunch) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Disk Defragmenter (DEFRAGSVC) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Diagnostic Policy Service (DPS) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @comres.dll,-2450 (EventSystem) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @gpapi.dll,-112 (gpsvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: HomeGroup Listener (HomeGroupListener) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: HomeGroup Provider (HomeGroupProvider) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: hpqcxs08 – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 – Service: IKE and AuthIP IPsec Keying Modules (IKEEXT) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: IP Helper (iphlpsvc) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: RIP Listener (iprip) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @keyiso.dll,-100 (KeyIso) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
    O23 – Service: @comres.dll,-2946 (KtmRm) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: TCP/IP NetBIOS Helper (lmhosts) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Intel(R) Management and Security Application Local Management Service (LMS) – Intel Corporation – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 – Service: Multimedia Class Scheduler (MMCSS) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @comres.dll,-2797 (MSDTC) – Unknown owner – C:\Windows\System32\msdtc.exe (file missing)
    O23 – Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) – Unknown owner – C:\Windows\system32\msiexec.exe
    O23 – Service: Net Driver HPZ12 – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Netlogon – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
    O23 – Service: Network Connections (Netman) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Network List Service (netprofm) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Program Compatibility Assistant Service (PcaSvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) – Unknown owner – C:\Windows\SysWow64\perfhost.exe
    O23 – Service: @%systemroot%\system32\pla.dll,-500 (pla) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Pml Driver HPZ12 – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
    O23 – Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Remote Access Auto Connection Manager (RasAuto) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Remote Access Connection Manager (RasMan) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Routing and Remote Access (RemoteAccess) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Remote Registry (RemoteRegistry) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Remote Procedure Call (RPC) Locator (RpcLocator) – Unknown owner – C:\Windows\system32\locator.exe (file missing)
    O23 – Service: @oleres.dll,-5010 (RpcSs) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
    O23 – Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Windows Backup (SDRSVC) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Secondary Logon (seclogon) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: System Event Notification Service (SENS) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\ipnathlp.dll,-106 (SharedAccess) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) – Unknown owner – C:\Windows\System32\snmptrap.exe (file missing)
    O23 – Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) – Unknown owner – C:\Windows\System32\spoolsv.exe (file missing)
    O23 – Service: Software Protection (sppsvc) – Unknown owner – C:\Windows\system32\sppsvc.exe
    O23 – Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Superfetch (SysMain) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Distributed Link Tracking Client (TrkWks) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) – Unknown owner – C:\Windows\servicing\TrustedInstaller.exe
    O23 – Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) – Unknown owner – C:\Windows\system32\UI0Detect.exe (file missing)
    O23 – Service: Intel(R) Management and Security Application User Notification Service (UNS) – Intel Corporation – C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 – Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Desktop Window Manager Session Manager (UxSms) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Credential Manager (VaultSvc) – Unknown owner – C:\Windows\system32\lsass.exe (file missing)
    O23 – Service: @%SystemRoot%\system32\vds.exe,-100 (vds) – Unknown owner – C:\Windows\System32\vds.exe (file missing)
    O23 – Service: VMware DHCP Service (VMnetDHCP) – VMware, Inc. – C:\Windows\system32\vmnetdhcp.exe
    O23 – Service: VMware NAT Service – VMware, Inc. – C:\Windows\system32\vmnat.exe
    O23 – Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) – Unknown owner – C:\Windows\system32\vssvc.exe (file missing)
    O23 – Service: Windows Time (W32Time) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) – Unknown owner – C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 – Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) – Unknown owner – C:\Windows\system32\wbengine.exe (file missing)
    O23 – Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Windows Event Collector (Wecsvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Windows Defender (WinDefend) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Windows Security – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Windows Management Instrumentation (Winmgmt) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) – Unknown owner – C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 – Service: Windows Media Player Network Sharing Service (WMPNetworkSvc) – Unknown owner – C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
    O23 – Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: Security Center (wscsvc) – Unknown owner – C:\Windows\System32\svchost.exe
    O23 – Service: Windows Search (WSearch) – Unknown owner – C:\Windows\system32\SearchIndexer.exe
    O23 – Service: Windows Update (wuauserv) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) – Unknown owner – C:\Windows\system32\svchost.exe
    O23 – Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) – Unknown owner – C:\Windows\system32\svchost.exe

    End of file – 19891 bytes
    11 בפברואר 2012 בשעה 19:48 #46538
    itsho
    מנהל בפורום

    1. שים את הLOG באתר http://hjt.iamnotageek.com/ , ותראה מה צריך להסיר ומה לא.
    2. אם מישהו משתלט לך על המחשב ואתה רואה את זה – עליך להתחיל להתייחס לאבטחה ברצינות ולהתקין פיירוול (תוכנה או חומרה אם מדובר במחשב עם חומר חשוב).

    12 בפברואר 2012 בשעה 00:03 #46591
    ארז
    חבר

    הוא מראה לי באתר הזה יותר מדי קבצי מערכת בצבע אדום שהוא כותב file missing.

    נראה לי לא הגיוני, אני מתכוון בכל מקרה עקב ריבוי תקלות תוכנה חוזרות ונשנות לפרמט את המערכת עם דיסק התקנה אחר של windows 7, ככל הנראה הגרסה שהתקנתי פגומה מלכתחילה, לקחתי גרסה אחרת מחבר שלי שאומר שאצלו אין בעיות בכלל.
    12 בפברואר 2012 בשעה 08:40 #46595
    blue
    חבר

    תבדוק את הלוג באתר :

    12 בפברואר 2012 בשעה 09:22 #46598
    ארז
    חבר

    אותו דבר בדיוק גם באתר השני.

  • מאת
    תגובות
מוצגות 5 תגובות – 1 עד 5 (מתוך 5 סה״כ)
  • יש להתחבר למערכת על מנת להגיב.