Log In
Home
June 19, 2007
Offline
Tjena någon som kan se något konstigt i loggen. Jag hittar inget konstigt, men ändå får jag med jämna mellanrum meddelande ifrån Antivir Avira att det finns trojaner (TR/Hijacker.Gen) på datorn (C:WINDOWSTempcbdw.tmpsvchost.exe) och jag trycker på delete med de dyker ändå upp igen, det verkar vara något som genererar fram dessa "trojaner" och jag kan inte hitta felet.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:16:18, on 2010-05-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgramAviraAntiVir PersonalEdition Classicsched.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:ProgramAviraAntiVir PersonalEdition Classicavguard.exe
C:ProgramSpyware DoctorBDTBDTUpdateService.exe
C:ProgramJavajre6binjqs.exe
C:ProgramAviraAntiVir PersonalEdition Classicavgnt.exe
C:WINDOWSRTHDCPL.EXE
C:WINDOWSsystem32ctfmon.exe
C:ProgramATI TechnologiesATI.ACECore-StaticMOM.exe
C:WINDOWSSystem32alg.exe
C:ProgramATI TechnologiesATI.ACECore-Staticccc.exe
C:ProgramMozilla Firefoxfirefox.exe
C:ProgramTrend MicroHijackThisHijackThis.exe
C:WINDOWSsystem32wbemwmiprvse.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.se/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 - BHO: Browser Defender BHO - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:ProgramSpyware DoctorBDTPCTBrowserDefender.dll
O2 - BHO: Windows Live inloggningshjälpen - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:ProgramJavajre6binjp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O2 - BHO: (no name) - {F1EDB6F3-9B01-4E90-9990-749DE76E5B44} - c:windowssystem32fafbvxo.dll
O3 - Toolbar: PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:ProgramSpyware DoctorBDTPCTBrowserDefender.dll
O4 - HKLM..Run: [avgnt] "C:ProgramAviraAntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [JMB36X IDE Setup] C:WINDOWSRaidToolxInsIDE.exe
O4 - HKLM..Run: [36X Raid Configurer] C:WINDOWSsystem32xRaidSetup.exe boot
O4 - HKLM..Run: [StartCCC] "C:ProgramATI TechnologiesATI.ACECore-StaticCLIStart.exe" MSRun
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:ProgramMICROS~3Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgramMessengermsmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O20 - Winlogon Notify: !SASWinLogon - C:ProgramSUPERAntiSpywareSASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:ProgramAviraAntiVir PersonalEdition Classicsched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:ProgramAviraAntiVir PersonalEdition Classicavguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Browser Defender Update Service - Threat Expert Ltd. - C:ProgramSpyware DoctorBDTBDTUpdateService.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:ProgramDelade filerMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:ProgramJavajre6binjqs.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:ProgramSpyware DoctorpctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:ProgramSpyware DoctorpctsSvc.exe
--
End of file - 5223 bytes
March 14, 2001
Offline
Googlar man efter "temp svchost.exe" hittar man en jäkla massa sidor med liknande problem som du har, och minst lika många förslag på lösningar. Verkar kunna vara lite alla möjlig saker som åstadkommer dessa problem.
Börja läs lite i den här tråden, och prova tipsen som finns där, bla programmet Hitmanpro.
http://www.techspot.com/vb/top.....40137.html
Här några andra förslag: Lång länk
1 Guest(s)
