Second Opinion
Folosind serviciul second opinion ne puteți trimite RMN-uri, CT -uri, angiografii, fișiere .pdf, documente medicale. Astfel vă vom putea da o opinie neurochirurgicală, fără ca aceasta să poată înlocui un consult de specialitate. Răspunsurile vor fi date prin e-mail în cel mai scurt timp posibil (de obicei în mai putin de 24 de ore, dar nu mai mult de 48 de ore). Second opinion – Neurohope este un serviciu gratuit. www.neurohope.ro |
svchost.exe mananca CPU 100%. virus?
Last Updated: Nov 08 2013 21:32, Started by
Talkabout
, Oct 10 2013 17:54
·
0
#1
Posted 10 October 2013 - 17:54
Din cate am mai inteles, poate fi virus, dar nu sigur. Asa ca va atasez un log HiJackThis poate ma ajutati.
Mersi Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 18:53:59, on 10.10.2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\RAMASST.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\TPSBattM.exe C:\WINDOWS\system32\imapi.exe D:\oracle\app\product\11.2.0\dbhome_1\bin\nmesrvc.exe C:\Program Files\SpeedFan\speedfan.exe c:\oracle\middle~1\oracle~2\ccr\bin\nmz.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe C:\WINDOWS\system32\cmd.exe D:\oracle\app\product\11.2.0\dbhome_1\perl\bin\perl.exe C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Documents and Settings\Sorin\Local Settings\Application Data\Yahoo\Widget Engine\Unzipped\SimpleMonitor.widget\SimpleMonitor-1.0.5.widget\Contents\resources\exe\SimpleMonitor.exe C:\Program Files\PLSQL Developer\plsqldev.exe D:\oracle\app\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Program Files\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\WINDOWS\explorer.exe C:\WINDOWS\System32\svchost.exe D:\oracle\app\product\11.2.0\dbhome_1\bin\emagent.exe C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe C:\WINDOWS\system32\cmd.exe D:\oracle\app\product\11.2.0\dbhome_1\jdk\bin\java.exe C:\Program Files\Adobe\Reader 11.0\Reader\AdobeCollabSync.exe C:\Program Files\Real\RealPlayer\update\realsched.exe c:\Program Files\Microsoft Security Client\MpCmdRun.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe C:\Program Files\Real\RealPlayer\RealPlay.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.159.1713.0.exe C:\WINDOWS\system32\MpSigStub.exe C:\Program Files\Real\RealPlayer\RealPlay.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ro/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing) O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-21-861567501-790525478-1417001333-500\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Administrator') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI69DF~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bit...m/qsax/qsax.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1340458597843 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset...lineScanner.cab O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) - http://roger:8889/fo...iator/jinit.exe O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Plug-in 1.6.0_12) - http://javadl-esd.su...indows-i586.cab O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Serviciul Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviciul Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: OracleDBConsoleorcl - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\bin\nmesrvc.exe O23 - Service: OracleJobSchedulerORCL - Unknown owner - d:\oracle\app\product\11.2.0\dbhome_1\Bin\extjob.exe O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\bin\omtsreco.exe O23 - Service: OracleOH1036244575c_oracle_middleware_asinst_1ConfigurationManager - Unknown owner - c:\oracle\middle~1\oracle~2\ccr\bin\nmz.exe O23 - Service: OracleOraDb11g_home1ClrAgent - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe O23 - Service: OracleOraDb11g_home1TNSListener - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe O23 - Service: Oracle Process Manager (asinst_1) (OracleProcessManager_asinst_1) - Unknown owner - C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe O23 - Service: OracleServiceORCL - Oracle Corporation - d:\oracle\app\product\11.2.0\dbhome_1\bin\ORACLE.EXE O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 10737 bytes |
#3
Posted 10 October 2013 - 18:16
Nu E cu verde acolo la Automatic Updates
Edited by Talkabout, 10 October 2013 - 18:17. |
#4
Posted 10 October 2013 - 18:28
svchost inseamna multe. Da jos process explorer si vedem mai exact cine ce face. http://technet.micro...s/bb896653.aspx
|
#5
Posted 10 October 2013 - 19:01
stiam ca svchost e unul din serviciile de rulare a netului..insa de foarte multe ori acesta e virus iar daca inchidem serviciul din task manager se restarteza si pc-ul , fa o scanare pentru siguranta ta
|
#7
Posted 10 October 2013 - 22:23
#8
Posted 11 October 2013 - 06:08
Ruleaza din nou HiJackThis.
Bifeaza si da fix la: Quote
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [TPSMain] TPSMain.exe O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe Da un scan cu SUPERAntiSpyware, sau Malwarebytes AntiMalware si posteaza logul aici. |
#9
Posted 12 October 2013 - 09:21
am scanat cu SUPERAntiSpyware si mallwarebytes, am dat inlaturare/curatare la tot ce a gasit. noul log:
Logfile of Trend Micro HiJackThis v2.0.4 Scan saved at 10:19:37, on 12.10.2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Google\Update\1.3.21.165\GoogleCrashHandler.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\SUPERAntiSpyware\SASCORE.EXE C:\WINDOWS\system32\igfxpers.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\WINDOWS\system32\DVDRAMSV.exe C:\Program Files\Intel\Wireless\Bin\EvtEng.exe C:\WINDOWS\system32\imapi.exe C:\WINDOWS\System32\svchost.exe D:\oracle\app\product\11.2.0\dbhome_1\bin\nmesrvc.exe C:\Program Files\SpeedFan\speedfan.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe c:\oracle\middle~1\oracle~2\ccr\bin\nmz.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe C:\Documents and Settings\Sorin\Local Settings\Application Data\Yahoo\Widget Engine\Unzipped\SimpleMonitor.widget\SimpleMonitor-1.0.5.widget\Contents\resources\exe\SimpleMonitor.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe C:\WINDOWS\system32\cmd.exe D:\oracle\app\product\11.2.0\dbhome_1\perl\bin\perl.exe C:\WINDOWS\system32\cmd.exe D:\oracle\app\product\11.2.0\dbhome_1\jdk\bin\java.exe D:\oracle\app\product\11.2.0\dbhome_1\bin\emagent.exe d:\oracle\app\product\11.2.0\dbhome_1\bin\ORACLE.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\tcpsvcs.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ro/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (file missing) O4 - HKLM\..\Run: [googletalk] C:\Program Files\Google\Google Talk\googletalk.exe /autostart O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI69DF~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O16 - DPF: {4B54A9DE-EF1C-4EBE-A328-7C28EA3B433A} (Bitdefender QuickScan Control) - http://quickscan.bit...m/qsax/qsax.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.mi...b?1340458597843 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset...lineScanner.cab O16 - DPF: {CAFECAFE-0013-0001-0022-ABCDEFABCDEF} (JInitiator 1.3.1.22) - http://roger:8889/fo...iator/jinit.exe O16 - DPF: {CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA} (Java Plug-in 1.6.0_12) - http://javadl-esd.su...indows-i586.cab O20 - Winlogon Notify: TPSvc - TPSvc.dll (file missing) O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Avira Scheduler (AntiVirSchedulerService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira Real-Time Protection (AntiVirService) - Avira Operations GmbH & Co. KG - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: Serviciul Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Serviciul Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: OracleDBConsoleorcl - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\bin\nmesrvc.exe O23 - Service: OracleJobSchedulerORCL - Unknown owner - d:\oracle\app\product\11.2.0\dbhome_1\Bin\extjob.exe O23 - Service: OracleMTSRecoveryService - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\bin\omtsreco.exe O23 - Service: OracleOH1036244575c_oracle_middleware_asinst_1ConfigurationManager - Unknown owner - c:\oracle\middle~1\oracle~2\ccr\bin\nmz.exe O23 - Service: OracleOraDb11g_home1ClrAgent - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\bin\OraClrAgnt.exe O23 - Service: OracleOraDb11g_home1TNSListener - Oracle Corporation - D:\oracle\app\product\11.2.0\dbhome_1\BIN\TNSLSNR.exe O23 - Service: Oracle Process Manager (asinst_1) (OracleProcessManager_asinst_1) - Unknown owner - C:\Oracle\Middleware\Oracle_FRHome1\opmn\bin\opmn.exe O23 - Service: OracleServiceORCL - Oracle Corporation - d:\oracle\app\product\11.2.0\dbhome_1\bin\ORACLE.EXE O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- End of file - 9231 bytes |
#10
Posted 12 October 2013 - 13:37
Opreste serviciul DNS si pune-l pe off, sa nu-ti porneasca o data cu windows-ul !
|
|
#11
Posted 12 October 2013 - 13:46
Talkabout, on 12 octombrie 2013 - 09:21, said:
am scanat cu SUPERAntiSpyware si mallwarebytes, am dat inlaturare/curatare la tot ce a gasit. Posteaza cele doua loguri, te rog. |
#12
Posted 12 October 2013 - 18:45
#14
Posted 12 October 2013 - 19:38
Ai aici un mic tutorial ! Se si vede in una din poze serviciul DNS client !
Pui serviciul ala pe disabled! http://www.jasonn.co...s_on_windows_xp Edited by kodiak, 12 October 2013 - 19:41. |
#15
Posted 15 October 2013 - 15:31
MhG_40, on 12 octombrie 2013 - 13:46, said: Posteaza cele doua loguri, te rog. Mallwarebytes: Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Versiunea bazei de date: v2013.10.12.05 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Sorin :: ROGER [administrator] 12.10.2013 19:46:56 mbam-log-2013-10-12 (19-46-56).txt Modul de scanare: Scanare completa (C:\|D:\|) Optiuni de scanare activate: Memorie | Pornire | Registru | Sistemul fisierelor | Euristica/Extra | Euristica/Shuriken | PUP | PUM Optiuni de scanare dezactivate: P2P Obiecte scanate: 1015279 Timp trecut: 20 ore, 47 minute, Procese din Memorie detectate: 0 (Nu au fost detectate obiecte malicioase) Module de Memorie detectate: 0 (Nu au fost detectate obiecte malicioase) Chei de Registru detectate: 0 (Nu au fost detectate obiecte malicioase) Valori de Registru detectate: 0 (Nu au fost detectate obiecte malicioase) Date din Registru detectate: 0 (Nu au fost detectate obiecte malicioase) Foldere detectate: 0 (Nu au fost detectate obiecte malicioase) Fisiere detectate: 0 (Nu au fost detectate obiecte malicioase) (sfarsit) SuperAntiSpyware: SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 10/15/2013 at 08:29 AM Application Version : 5.6.1040 Core Rules Database Version : 10828 Trace Rules Database Version: 8640 Scan type : Complete Scan Total Scan Time : 07:59:59 Operating System Information Windows XP Professional 32-bit, Service Pack 3 (Build 5.01.2600) Administrator Memory items scanned : 722 Memory threats detected : 0 Registry items scanned : 38554 Registry threats detected : 0 File items scanned : 323759 File threats detected : 15 Adware.Tracking Cookie C:\Documents and Settings\Sorin\Cookies\I4U1A65A.txt [ /ad.yieldmanager.com ] static.mediafax.ro [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\6PU7C2YW ] static1.mediadirect.ro [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\6PU7C2YW ] .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] .mediafax.ro [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] .mediafax.ro [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] .mediafax.ro [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] www.mediafax.ro [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] .accounts.google.com [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] accounts.youtube.com [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] accounts.google.com [ C:\DOCUMENTS AND SETTINGS\SORIN\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\MZZQXXM0.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\DOCUMENTS AND SETTINGS\SORIN\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ] kodiak, on 12 octombrie 2013 - 19:38, said:
Ai aici un mic tutorial ! Se si vede in una din poze serviciul DNS client ! Pui serviciul ala pe disabled! http://www.jasonn.co...s_on_windows_xp Am reusit, mersi! |
|
#16
Posted 16 October 2013 - 20:07
Deci sunt ok logurile? ce-s chestiile alea ce mi le-a gasit superantispyware?
|
#17
Posted 16 October 2013 - 20:34
Talkabout, on 16 octombrie 2013 - 20:07, said:
Deci sunt ok logurile? ce-s chestiile alea ce mi le-a gasit superantispyware? https://ro.wikipedia.org/wiki/Cookie |
#18
Posted 16 October 2013 - 22:15
MhG_40, on 16 octombrie 2013 - 20:34, said: Stiu ce-i ala cookie, dar de ce le gaseste SUPERAntiSpyware ca adware tracking cookie? doar sunt.. cookie-uri! cam oricine cred ca are cookie-uri |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users