פורסם 2006 במאי 2019 שנים משהו יכול לקרא את הלוג שלי ולבדוק מה לא בסדר?בתודה מראש:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Ahead\InCD\InCDsrv.exeC:\WINDOWS\system32\spoolsv.exeC:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeC:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeC:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXEC:\WINDOWS\system32\nvsvc32.exeC:\WINDOWS\system32\PLServ.exeC:\WINDOWS\system32\tcpsvcs.exeC:\Program Files\Analog Devices\SoundMAX\SMAgent.exeC:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\system32\fxssvc.exeC:\Program Files\Common Files\Stardock\SDMCP.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\system32\wscntfy.exeC:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exeC:\Program Files\Analog Devices\SoundMAX\smax4.exeC:\Program Files\Microsoft Hardware\Keyboard\type32.exeC:\PROGRA~1\A4Tech\Mouse\Amoumain.exeC:\PROGRA~1\Grisoft\AVG7\avgcc.exeC:\Program Files\Free Download Manager\fdm.exeC:\Program Files\הפוך על הפוך\hebrew.exeC:\Program Files\Internet Explorer\iexplore.exeC:\WINDOWS\system32\taskmgr.exeC:\incoming\hijackthis\HijackThis.exeR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oz-tal.co.ilR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htmF2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exeO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dllO3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dllO3 - Toolbar: NFOSITE toolbar - {298eebac-69d7-40a3-a94a-fac364d6e2a5} - C:\Program Files\NFOSITE\tbNFOS.dllO4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exeO4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /trayO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exeO4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUPO4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorunO8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htmO8 - Extra context menu item: &יצא ל- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htmO8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htmO8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htmO8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htmO8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?fff998da24304a4d942f56c11a67ddO8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?fff998da24304a4d942f56c11a67ddO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dllO9 - Extra button: מחקר - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO14 - IERESET.INF: START_PAGE_URL=http://www.oz-tal.co.ilO15 - Trusted Zone: http://www.cdisys.comO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {21F49842-BFA9-11D2-A89C-00104B62BDDA} (ChartFX Internet Control) - https://bill.icellcom.co.il/jsp/Client/CfxIEAx.cabO16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1115328784188O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabO16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photo-print.co.il/uploadComForPhotoPrint/ImageUploader3.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO16 - DPF: {D79B6F43-F214-4E7A-9ECB-CCC8771F2416} (LauncherV1 Class) - http://www.tapuz.co.il/irc/main/launcher.cabO16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4561/mcfscan.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{9D325D98-6AAA-41C8-8F50-3A1E5609ED58}: NameServer = 62.90.133.233 212.150.48.169O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dllO20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dllO20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exeO23 - Service: C - Unknown owner - C:\DOCUME~1\eell\LOCALS~1\Temp\C.exe (file missing)O23 - Service: HAZIHGFMX - Unknown owner - C:\DOCUME~1\eell\LOCALS~1\Temp\HAZIHGFMX.exe (file missing)O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: PhoneTray - Unknown owner - C:\Program Files\TraySoft\PhoneTray\PhoneTray.exeO23 - Service: Privilege Win32 Server - Aladdin Knowledge Systems - C:\WINDOWS\system32\PLServ.exeO23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exeO23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exeO23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
פורסם 2006 במאי 2119 שנים תתקן דרך התוכנה את הרשומה הבאה: R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htmותכניס את הלוג שלך לאנליזה ב www.hijackthis.de , יש כמה רשומות שהם לא ברורות, אם אתה מזהה אותן כנורמליות אל תיגעאם אתה מזהה אותן כלא, תתקן אותן .
פורסם 2006 במאי 2119 שנים מחבר תודה, עשיתי אנליזה וזה התוצאות, אני לא יודע איך לתקן את מה שצריך! Entry Kind(Safe, Nasty, Unknown) Description Tip Logfile of HijackThis v1.99.1 Safe. Shows the version of HijackThis an. The newest version is: v1.99.1! This should be the newest version. (v1.99.1) Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Safe. Shows the version of your Internet Explorer. Newest Version is: 6.00.2900.2180! This should be the newest version. (6.00.2900.2180) C:\WINDOWS\System32\smss.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\WINDOWS\system32\winlogon.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\WINDOWS\system32\services.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\WINDOWS\system32\lsass.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\WINDOWS\system32\svchost.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\WINDOWS\System32\svchost.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\Program Files\Ahead\InCD\InCDsrv.exe Safe. running process. (InCDsrv.exe) C:\WINDOWS\system32\spoolsv.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE Safe. running process. (MDM.EXE)Machine Debug Manager. Used by developers. C:\WINDOWS\system32\nvsvc32.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\WINDOWS\system32\PLServ.exe Unknown running process. (PLServ.exe) This is a unknown process. C:\WINDOWS\system32\tcpsvcs.exe Safe. running process. (tcpsvcs.exe)TCP/IP Services C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe Safe. running process. (SMAgent.exe)SoundMAX Agent C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\WINDOWS\system32\svchost.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\WINDOWS\system32\fxssvc.exe Safe. running process. (fxssvc.exe)Systemprozess - Microsoft's Fax Service C:\Program Files\Common Files\Stardock\SDMCP.exe Unknown running process. (SDMCP.exe) This is a unknown process. C:\WINDOWS\Explorer.EXE Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\WINDOWS\system32\wscntfy.exe Safe. running process. (wscntfy.exe)Windows XP Securitycenter (Service Pack 2) C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe Safe. running process. (SMax4PNP.exe) C:\Program Files\Analog Devices\SoundMAX\smax4.exe Safe. running process. (smax4.exe)Soundkartentreiber C:\Program Files\Microsoft Hardware\Keyboard\type32.exe Safe. running process. (type32.exe) C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\PROGRA~1\Grisoft\AVG7\avgcc.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. C:\Program Files\Free Download Manager\fdm.exe Safe. running process. (fdm.exe)Free Download Manager C:\Program Files\הפוך על הפוך\hebrew.exe Unknown running process. (hebrew.exe) This is a unknown process. C:\Program Files\Internet Explorer\iexplore.exe Safe. running process. (iexplore.exe)Internet Explorer - Wir empfehlen einen sichereren alternativen Browser zu verwenden. (z.B. Firefox) C:\WINDOWS\system32\taskmgr.exe Safe. running process. (taskmgr.exe)Task Manager von Windows. C:\incoming\hijackthis\HijackThis.exe Safe. running process. (HijackThis.exe)Tool, mit dem sie dieses Logfile erzeugt haben. Das Programm sollte so angelegt sein ! C:\Programme\HijackThis\HijackThis.exe Remember that Hijackthis must be run in an own folder. Only if Hijackthis run in an own folder it will create backups! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.oz-tal.co.il Safe. This page has been identified as safe. R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Program Files\Common Files\Microsoft Shared\Stationery\Blank.htm Nasty This entry should be fixed by HijackThis! This entry should be fixed by HijackThis! F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe Unknown This entry was newly introduced in version 1.98 of HijackThis. If nothing follows the ","-sign, you can consider it as safe. Unknown application. O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll Safe. Entries found in this registry zone are potentially nasty. This application ([53707962-6F74-2D53-2644-206D7942484F] - Result: 53707962-6F74-2D53-2644-206D7942484F) has been checked. Hit rate: 100,00% O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll Safe. Entries found in this registry zone are potentially nasty. This application ([bDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0] - Result: BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0) has been checked. Hit rate: 100,00% O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll Safe. Entries found in this registry zone are potentially nasty. This application ([bDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0] - Result: BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0) has been checked. Hit rate: 100,00% O3 - Toolbar: NFOSITE toolbar - {298eebac-69d7-40a3-a94a-fac364d6e2a5} - C:\Program Files\NFOSITE\tbNFOS.dll Unknown Entries found in this registry zone are potentially nasty. This application ([298eebac-69d7-40a3-a94a-fac364d6e2a5] - Result: ) has been checked. Hit rate: 0,00% Unknown application. O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe Safe. SoundMax integrated sound. Required if you have custom settings for your sound, such as effects and environmentsHit rate: 100,00 % (result) O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\smax4.exe" /tray Safe. System Tray icon for SoundMax integrated sound. Sound properties can be accessed through the Start Menu or Control PanelHit rate: 88,89 % (result) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup Safe. Part of NVidiaHit rate: 100,00 % (result) O4 - HKLM\..\Run: [intelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe" Safe. For MS programmable keyboards. If you disable Intellitype in Startup, any "Hot Keys" that are changed by the user to perform functions other than default settings, defer back to their default settings unless you have changed them Hit rate: 95,45 % (result) O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4Tech\Mouse\Amoumain.exe Safe. A4Tech wireless mouse driver and utility - required if you use non-standard Windows driver features Hit rate: 58,33 % (result) O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun Safe. "Free Download Manager" See here Hit rate: 100,00 % (result) O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. O8 - Extra context menu item: &יצא ל- Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Possibly nasty Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed. To be fixed if the entry '&יצא ל' is unknown. O8 - Extra context menu item: Download all by Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm Safe. The entry Download all by Free Download Manager has been identified as safe. If the entry 'Download all by Free Download Manager ' is not needed anymore, it should be fixed. O8 - Extra context menu item: Download by Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm Safe. The entry Download by Free Download Manager has been identified as safe. If the entry 'Download by Free Download Manager ' is not needed anymore, it should be fixed. O8 - Extra context menu item: Download selected by Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm Safe. The entry Download selected by Free Download Manager has been identified as safe. If the entry 'Download selected by Free Download Manager ' is not needed anymore, it should be fixed. O8 - Extra context menu item: Download web site by Free Download Manager - file://C:\Program Files\Free Download Manager\dlpage.htm Safe. The entry Download web site by Free Download Manager has been identified as safe. If the entry 'Download web site by Free Download Manager ' is not needed anymore, it should be fixed. O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?fff998da24304a4d942f56c11a67dd Possibly nasty Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed. To be fixed if the entry 'Open in new background tab ' is unknown. O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?fff998da24304a4d942f56c11a67dd Possibly nasty Entries shown in the menu that pops up when right-clicking into the Internet Explorer. Unknown entries should be fixed. To be fixed if the entry 'Open in new foreground tab ' is unknown. O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll Safe. The entry has been identified as safe. If the entry '' is not needed anymore, it should be fixed. O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.1_07\bin\npjpi141_07.dll Safe. The entry Sun Java Console has been identified as safe. If the entry 'Sun Java Console ' is not needed anymore, it should be fixed. O9 - Extra button: מחקר - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL Safe. The entry מחקר has been identified as safe. If the entry 'מחקר ' is not needed anymore, it should be fixed. O14 - IERESET.INF: START_PAGE_URL=http://www.oz-tal.co.il Safe. This entry should be fixed if this address does not belong to your PC-manufacturer or your 'Internet-Service-Provider (ISP)'. O15 - Trusted Zone: http://www.cdisys.com Safe. If you did not add these pages to your trusted pages, they should be fixed. O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. O16 - DPF: {21F49842-BFA9-11D2-A89C-00104B62BDDA} (ChartFX Internet Control) - https://bill.icellcom.co.il/jsp/Client/CfxIEAx.cab Possibly nasty Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed! Check if you know this site and fix it if you do not. O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab Safe. This entry has been identified as safe. O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_ site.cab?1115328784188 Safe. This entry has been identified as safe. O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - Safe. This entry has been identified as safe. O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.photo-print.co.il/uploadComForPhotoPrint/ImageUploader3.cab Possibly nasty Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed! Check if you know this site and fix it if you do not. O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Safe. This entry has been identified as safe. O16 - DPF: {D79B6F43-F214-4E7A-9ECB-CCC8771F2416} (LauncherV1 Class) - http://www.tapuz.co.il/irc/main/launcher.cab Possibly nasty Unknown ActiveX-Objects, or ActiveX-Objects from unknown sites should always be fixed. If the name of the ActiveX-Object or the URL contains the words 'dialer', 'casino', 'free plugin' etc, it should be fixed! Check if you know this site and fix it if you do not. O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4561/mcf scan.cab Safe. This entry has been identified as safe. O17 - HKLM\System\CCS\Services\Tcpip\..\{9D325D98-6AAA-41C8-8F50-3A1E5609ED58}: NameServer = 62.90.133.233 212.150.48.169 Possibly nasty If this Domain does not belong to your ISP, or your firms network, these entries should be fixed. 'SearchList' entries should be fixed too. Do you know the IP or Domain '62.90.133.233 212.150.48.169'? If not, fix this entry. O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll Safe. Only a few Hijackers are listed here. The most popular are 'cn' (CommonName) , 'ayb' (Lop.com) and 'relatedlinks' (Huntbar) . They should be fixed. This entry has been identified as safe. O20 - Winlogon Notify: MCPClient - C:\Program Files\Common Files\Stardock\mcpstub.dll Unknown O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing) Unnecessarily Unnecessary (deactivated) entry that can be fixed. O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (Adobelmsvc.exe) was identified as a good one. O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (avgamsvr.exe) was identified as a good one. O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (avgupsvc.exe) was identified as a good one. O23 - Service: C - Unknown owner - C:\DOCUME~1\eell\LOCALS~1\Temp\C.exe (file missing) Unknown These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. Unknown service. (C.exe) O23 - Service: HAZIHGFMX - Unknown owner - C:\DOCUME~1\eell\LOCALS~1\Temp\HAZIHGFMX.exe (file missing) Unknown These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. Unknown service. (HAZIHGFMX.exe) O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (InCDsrv.exe) was identified as a good one. O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. O23 - Service: PhoneTray - Unknown owner - C:\Program Files\TraySoft\PhoneTray\PhoneTray.exe Unknown These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. Unknown service. (PhoneTray.exe) O23 - Service: Privilege Win32 Server - Aladdin Knowledge Systems - C:\WINDOWS\system32\PLServ.exe Unknown These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. Unknown service. (PLServ.exe) O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service () was identified as a good one. O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (SMAgent.exe) was identified as a good one. O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe Safe. This entry was classified from our visitors as good. Click on the stars and look at the comments from our visitors, to see, why the entry was classified in such a way. O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe Safe. These entries shows all services which are not from Microsoft. Often malware is starting as a systemservice and it's not easy to detect it. This service (WinStylerThemeSvc.exe) was identified as a good one. This log has been checked automatically.Check your log file automatically at www.hijackthis.de.
פורסם 2006 במאי 2219 שנים אולי לפחות תכניס את הלוג לתוך CODE שיהיה קריא..(לחיצה על האיקון של הסולמית בכתיבת ההודעה)(תערוך את ההודעה, אל תעשה חדשה)
ארכיון
דיון זה הועבר לארכיון ולא ניתן להוסיף בו תגובות חדשות.