плоблем с Svhost

Armageddon8 · Януари 5, 2010

Здравейте, Честита Нова година на всички. Пожелавам на всички здраве, късмет и щастие.

Относно проблема - от 2-3 дни забелязах 2 процеса svhost които заемат доста РАМ според мен. Давам шотче.

Сканирах с online скенера на ESET - нищо не откри. Сканирах и с drweb - пак нищо. Malwarebytes' Anti-Malware - нищо. SUPERAntiSpyware Free Edition също не откри нищо. Давам и лог от HijackThis-

Logfile of HiJackFree v3.0

Scan saved at 19:25:38, on 05.01.2010

Platform: Windows Vista32 Service Pack 2 (Windows NT 6.0.6002)

MSIE: Internet Explorer v 8.0 Service Pack 2 (8.0.6001.18865)

Running processes:

C:\Windows\System32\smss.exe

C:\Windows\System32\csrss.exe

C:\Windows\System32\wininit.exe

C:\Windows\System32\csrss.exe

C:\Windows\System32\services.exe

C:\Windows\System32\lsass.exe

C:\Windows\System32\lsm.exe

C:\Windows\System32\winlogon.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\SLsvc.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\System32\svchost.exe

C:\Windows\System32\dwm.exe

C:\Windows\System32\taskeng.exe

C:\Windows\explorer.exe

C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe

C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Windows\System32\svchost.exe

C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

C:\Acer\Empowering Technology\eNet\eNet Service.exe

C:\Program Files\PC Tools Firewall Plus\FWService.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

C:\Windows\System32\svchost.exe

C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE

C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

C:\Windows\System32\SearchIndexer.exe

C:\Windows\System32\drivers\XAudio.exe

C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

C:\Windows\System32\wbem\WmiPrvSE.exe

C:\Windows\System32\wbem\unsecapp.exe

C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\System32\alg.exe

C:\Windows\System32\wbem\unsecapp.exe

C:\Windows\System32\taskeng.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Program Files\Opera\opera.exe

C:\Program Files\a-squared HiJackFree\a2hijackfree.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O2 - BHO: - {5C255C8A-E604-49b4-9D64-90988571CECB} -

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\GAMES\Microsoft office\Office12\GrooveShellExtensions.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot

O4 - HKLM\..\Run: [00PCTFW] "C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe" -s

O4 - HKLM\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKLM\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - HKLM\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O7 - Regedit - Enabled

O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\GAMES\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra "Tools" menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\GAMES\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\PROGRA~1\Skype\Toolbars\INTERN~1\favicon.ico

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\GAMES\MICROS~1\Office12\REFBAR.ICO

O14 - IERESET.INF: SearchAssistant=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm

O14 - IERESET.INF: CustomizeSearch=http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm

O15 - Trusted Zone: https://ebb.ubb.bg

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab

O16 - DPF: {2EDF75C0-5ABD-49f9-BAB6-220476A32034} (System Requirements Lab Class) - http://intel-drv-cdn.systemrequirementslab.com/multi/bin/sysreqlab_srlx.cab

O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O20 - AppInit_DLLs: C:\Windows\System32\eNetHook.dll

O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll

O20 - Winlogon Notify: igfxcui - C:\Windows\System32\igfxdev.dll

O21 - ShellServiceObjectDelayLoad: WebCheck -

O22 - SharedTaskScheduler: Component Categories cache daemon - C:\Windows\system32\browseui.dll

O23 - Service: Acronis OS Selector Reinstall Service - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe

O23 - Service: Application Experience Service - C:\Windows\system32\svchost.exe

O23 - Service: Application Layer Gateway Service - C:\Windows\System32\alg.exe

O23 - Service: Application Information Service - C:\Windows\system32\svchost.exe

O23 - Service: Windows Audio Service - C:\Windows\System32\svchost.exe

O23 - Service: Background Intelligent Transfer Service - C:\Windows\system32\svchost.exe

O23 - Service: Bonjour Service - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Computer Browser Service DLL - C:\Windows\system32\svchost.exe

O23 - Service: Bluetooth Support Service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft Smartcard Certificate Propagation Service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft .NET Framework NGEN v2.0.50727_X86 - C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

O23 - Service: COMSysApp - C:\Windows\system32\dllhost.exe

O23 - Service: Cryptographic Services - C:\Windows\system32\svchost.exe

O23 - Service: DFSR - C:\Windows\system32\DFSR.exe

O23 - Service: DHCP Client Service - C:\Windows\system32\svchost.exe

O23 - Service: DNS Client API DLL - C:\Windows\system32\svchost.exe

O23 - Service: Wired AutoConfig Service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft EAPHost service - C:\Windows\System32\svchost.exe

O23 - Service: eDataSecurity Service - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: Windows Media Center Receiver Service - C:\Windows\ehome\ehRecvr.exe

O23 - Service: Windows Media Center Scheduler Service - C:\Windows\ehome\ehsched.exe

O23 - Service: Windows Media Center Service Launcher - C:\Windows\\system32\svchost.exe

O23 - Service: ReadyBoost Service - C:\Windows\system32\svchost.exe

O23 - Service: eNet Service - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eSettings Service - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: Event Logging Service - C:\Windows\System32\svchost.exe

O23 - Service: EventSystem - C:\Windows\system32\svchost.exe

O23 - Service: WS Discovery Service - C:\Windows\system32\svchost.exe

O23 - Service: Function Discovery Resource Publication Service - C:\Windows\system32\svchost.exe

O23 - Service: FLEXnet Licensing Service - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Windows Presentation Foundation Host - C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe

O23 - Service: Google Update Service (gupdate) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HID Service - C:\Windows\system32\svchost.exe

O23 - Service: Key Management Service - C:\Windows\System32\svchost.exe

O23 - Service: InstallDriver Table Manager - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe

O23 - Service: IKE extension - C:\Windows\system32\svchost.exe

O23 - Service: PnP-X IP Bus Enumerator DLL - C:\Windows\system32\svchost.exe

O23 - Service: Service that offers IPv6 connectivity over an IPv4 network. - C:\Windows\System32\svchost.exe

O23 - Service: KeyIso - C:\Windows\system32\lsass.exe

O23 - Service: KtmRm - C:\Windows\System32\svchost.exe

O23 - Service: Server Service DLL - C:\Windows\system32\svchost.exe

O23 - Service: Workstation Service DLL - C:\Windows\System32\svchost.exe

O23 - Service: Link-Layer Topology Discovery Resources - C:\Windows\System32\svchost.exe

O23 - Service: TCPIP NetBios Transport Services DLL - C:\Windows\system32\svchost.exe

O23 - Service: Media Center Resources - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft Office Groove Audit Service - D:\GAMES\Microsoft office\Office12\GrooveAuditService.exe

O23 - Service: Multimedia Class Scheduler Service - C:\Windows\system32\svchost.exe

O23 - Service: Windows Firewall API - C:\Windows\system32\svchost.exe

O23 - Service: MSDTC - C:\Windows\System32\msdtc.exe

O23 - Service: iSCSI Discovery api - C:\Windows\system32\svchost.exe

O23 - Service: Windows® Installer International Messages - C:\Windows\system32\msiexec.exe

O23 - Service: Quarantine Agent Service Run-Time - C:\Windows\System32\svchost.exe

O23 - Service: Net Logon Services DLL - C:\Windows\system32\lsass.exe

O23 - Service: Network Connections Manager - C:\Windows\System32\svchost.exe

O23 - Service: Network Profile Management UI - C:\Windows\System32\svchost.exe

O23 - Service: Service Model Installer Resource Library - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe

O23 - Service: Network Location Awareness 2 - C:\Windows\System32\svchost.exe

O23 - Service: Network Store Interface RPC server - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft Office Diagnostics Service - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

O23 - Service: Office Source Engine - C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

O23 - Service: Peer-to-Peer Services - C:\Windows\System32\svchost.exe

O23 - Service: Program Compatibility Assistant Service - C:\Windows\system32\svchost.exe

O23 - Service: PC Tools Firewall Plus - C:\Program Files\PC Tools Firewall Plus\FWService.exe

O23 - Service: Performance Logs & Alerts - C:\Windows\System32\svchost.exe

O23 - Service: User-mode Plug-and-Play Service - C:\Windows\system32\svchost.exe

O23 - Service: Peer-to-Peer Services - C:\Windows\System32\svchost.exe

O23 - Service: Policy Storage dll - C:\Windows\system32\svchost.exe

O23 - Service: ProfSvc - C:\Windows\system32\svchost.exe

O23 - Service: Protected Storage default provider - C:\Windows\system32\lsass.exe

O23 - Service: Windows NT - C:\Windows\\system32\svchost.exe

O23 - Service: Remote Access AutoDial Manager - C:\Windows\system32\svchost.exe

O23 - Service: Remote Access Connection Manager - C:\Windows\system32\svchost.exe

O23 - Service: RemoteRegistry - C:\Windows\system32\svchost.exe

O23 - Service: Rpc Locator - C:\Windows\system32\locator.exe

O23 - Service: Smart Card Resource Management Server - C:\Windows\system32\svchost.exe

O23 - Service: Task Scheduler Service - C:\Windows\System32\svchost.exe

O23 - Service: Microsoft Smartcard Certificate Propagation Service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft® Windows Backup Service - C:\Windows\system32\svchost.exe

O23 - Service: SeaPort - C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe

O23 - Service: System Event Notification Service (SENS) - C:\Windows\system32\svchost.exe

O23 - Service: Terminal Services Configuration service - C:\Windows\System32\svchost.exe

O23 - Service: Microsoft NAT Helper Components - C:\Windows\System32\svchost.exe

O23 - Service: Windows Shell Services Dll - C:\Windows\System32\svchost.exe

O23 - Service: Microsoft Software Licensing Service - C:\Windows\system32\SLsvc.exe

O23 - Service: Software Licensing UI Notification Service - C:\Windows\system32\svchost.exe

O23 - Service: SNMP Trap - C:\Windows\System32\snmptrap.exe

O23 - Service: SSDP Service DLL - C:\Windows\system32\svchost.exe

O23 - Service: Provides the facility of using Secure Socket Tunneling Protocol (SSTP) to connect to remote computers (using VPN). - C:\Windows\system32\svchost.exe

O23 - Service: Still Image Devices Service - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft® Volume Shadow Copy Service software provider - C:\Windows\System32\svchost.exe

O23 - Service: Superfetch Service Host - C:\Windows\system32\svchost.exe

O23 - Service: Microsoft Tablet PC Input Service - C:\Windows\System32\svchost.exe

O23 - Service: Microsoft® Windows Telephony Server - C:\Windows\System32\svchost.exe

O23 - Service: TBS Service - C:\Windows\System32\svchost.exe

O23 - Service: Terminal Server Remote Connections Manager - C:\Windows\System32\svchost.exe

O23 - Service: Windows Shell Services Dll - C:\Windows\System32\svchost.exe

O23 - Service: Multimedia Class Scheduler Service - C:\Windows\system32\svchost.exe

O23 - Service: TOSHIBA Bluetooth Service - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

O23 - Service: Interactive services detection - C:\Windows\system32\UI0Detect.exe

O23 - Service: UPnP Device Host - C:\Windows\system32\svchost.exe

O23 - Service: Desktop Window Manager - C:\Windows\System32\svchost.exe

O23 - Service: Virtual Disk Service - C:\Windows\System32\vds.exe

O23 - Service: Microsoft® Volume Shadow Copy Service - C:\Windows\system32\vssvc.exe

O23 - Service: Windows Time Service - C:\Windows\system32\svchost.exe

O23 - Service: Windows Connect Now - Config Registrar Service - C:\Windows\System32\svchost.exe

O23 - Service: WcsPlugInService DLL - C:\Windows\system32\svchost.exe

O23 - Service: Web DAV Service DLL - C:\Windows\system32\svchost.exe

O23 - Service: Event Collector Service - C:\Windows\system32\svchost.exe

O23 - Service: Problem Reports and Solutions - C:\Windows\System32\svchost.exe

O23 - Service: Windows Error Reporting Service - C:\Windows\System32\svchost.exe

O23 - Service: Windows Defender - C:\Windows\System32\svchost.exe

O23 - Service: Windows HTTP Services - C:\Windows\system32\svchost.exe

O23 - Service: WMI - C:\Windows\system32\svchost.exe

O23 - Service: WSMan Service - C:\Windows\System32\svchost.exe

O23 - Service: Windows WLAN AutoConfig Service DLL - C:\Windows\system32\svchost.exe

O23 - Service: Windows Live ID Sign-in Assistant - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

O23 - Service: WMI Performance Reverse Adapter - C:\Windows\system32\wbem\WmiApSrv.exe

O23 - Service: ePower Service - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: Windows Media Player Network Sharing Service - C:\Program Files\Windows Media Player\wmpnetwk.exe

O23 - Service: WPC Filtering Service - C:\Windows\system32\svchost.exe

O23 - Service: Portable Device Enumerator - C:\Windows\system32\svchost.exe

O23 - Service: Security Center - C:\Windows\System32\svchost.exe

O23 - Service: Microsoft Windows Search Indexer - C:\Windows\system32\SearchIndexer.exe

O23 - Service: Windows Update - C:\Windows\system32\svchost.exe

O23 - Service: Windows Driver Foundation - User-mode Driver Framework Service - C:\Windows\system32\svchost.exe

O23 - Service: XAudioService - C:\Windows\system32\DRIVERS\xaudio.exe

Операционна система Windows Vista SP2. Intel Pentium Dual Core T2080 - 1.73 GHz RAM - 2 GB.

При стартиране на компютъра около 50% от Рам-а е зает. Нормално е около 32-35%. Не мога да разбера защо така?

Night_Raven · Януари 5, 2010

Конкретно за Vista не мисля, че 1GB заета памет е ненормално. Можеш да пробваш да спреш някои услуги, хоствани от svchost.

Влез

плоблем с Svhost

Препоръчан пост

Armageddon8

Link to comment

Сподели другаде

Night_Raven

Link to comment

Сподели другаде

Join the conversation

Разгледай

Какво ново?