Hijackthis Log? | Säkerhet | Forum

A A A

Please consider registering
Guest

Search

— Forum Scope —




— Match —





— Forum Options —





Minimum search word length is 3 characters - maximum search word length is 84 characters

Lost password?
The forums are currently locked and only available for read only access
sp_Feed sp_TopicIcon
Hijackthis Log?
This topic is locked
ViTToly
Mina inlägg skrivs i binär kod
Medlem
Forum Posts: 124
Member Since:
juni 19, 2007
sp_UserOfflineSmall Offline
1
maj 19, 2010 - 10:17 e m
sp_Permalink sp_Print

Tjena någon som kan se något konstigt i loggen. Jag hittar inget konstigt, men ändå får jag med jämna mellanrum meddelande ifrån Antivir Avira att det finns trojaner (TR/Hijacker.Gen) på datorn (C:WINDOWSTempcbdw.tmpsvchost.exe) och jag trycker på delete med de dyker ändå upp igen, det verkar vara något som genererar fram dessa ”trojaner” och jag kan inte hitta felet.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:16:18, on 2010-05-20
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgramAviraAntiVir PersonalEdition Classicsched.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:ProgramAviraAntiVir PersonalEdition Classicavguard.exe
C:ProgramSpyware DoctorBDTBDTUpdateService.exe
C:ProgramJavajre6binjqs.exe
C:ProgramAviraAntiVir PersonalEdition Classicavgnt.exe
C:WINDOWSRTHDCPL.EXE
C:WINDOWSsystem32ctfmon.exe
C:ProgramATI TechnologiesATI.ACECore-StaticMOM.exe
C:WINDOWSSystem32alg.exe
C:ProgramATI TechnologiesATI.ACECore-Staticccc.exe
C:ProgramMozilla Firefoxfirefox.exe
C:ProgramTrend MicroHijackThisHijackThis.exe
C:WINDOWSsystem32wbemwmiprvse.exe

R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.se/
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Länkar
O2 – BHO: Browser Defender BHO – {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} – C:ProgramSpyware DoctorBDTPCTBrowserDefender.dll
O2 – BHO: Windows Live inloggningshjälpen – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:ProgramDelade filerMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:ProgramJavajre6binjp2ssv.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:ProgramJavajre6libdeployjqsiejqs_plugin.dll
O2 – BHO: (no name) – {F1EDB6F3-9B01-4E90-9990-749DE76E5B44} – c:windowssystem32fafbvxo.dll
O3 – Toolbar: PC Tools Browser Guard – {472734EA-242A-422B-ADF8-83D1E48CC825} – C:ProgramSpyware DoctorBDTPCTBrowserDefender.dll
O4 – HKLM..Run: [avgnt] ”C:ProgramAviraAntiVir PersonalEdition Classicavgnt.exe” /min
O4 – HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 – HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM..Run: [JMB36X IDE Setup] C:WINDOWSRaidToolxInsIDE.exe
O4 – HKLM..Run: [36X Raid Configurer] C:WINDOWSsystem32xRaidSetup.exe boot
O4 – HKLM..Run: [StartCCC] ”C:ProgramATI TechnologiesATI.ACECore-StaticCLIStart.exe” MSRun
O4 – HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 – HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ’LOKAL TJÄNST’)
O4 – HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ’NETWORK SERVICE’)
O4 – HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ’SYSTEM’)
O4 – HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ’Default user’)
O9 – Extra button: Research – {92780B25-18CC-41C8-B9BE-3C9C571A8263} – C:ProgramMICROS~3Office12REFIEBAR.DLL
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 – Extra ’Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 – Extra button: Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:ProgramMessengermsmsgs.exe
O9 – Extra ’Tools’ menuitem: Windows Messenger – {FB5F1910-F110-11d2-BB9E-00C04F795683} – C:ProgramMessengermsmsgs.exe
O16 – DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) – http://gfx2.hotmail.com/mail/w3/resources/MSNPUpld.cab
O20 – Winlogon Notify: !SASWinLogon – C:ProgramSUPERAntiSpywareSASWINLO.dll
O23 – Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) – Avira GmbH – C:ProgramAviraAntiVir PersonalEdition Classicsched.exe
O23 – Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) – Avira GmbH – C:ProgramAviraAntiVir PersonalEdition Classicavguard.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:WINDOWSsystem32Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:WINDOWSsystem32ati2sgag.exe
O23 – Service: Browser Defender Update Service – Threat Expert Ltd. – C:ProgramSpyware DoctorBDTBDTUpdateService.exe
O23 – Service: FLEXnet Licensing Service – Acresso Software Inc. – C:ProgramDelade filerMacrovision SharedFLEXnet PublisherFNPLicensingService.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:ProgramDelade filerInstallShieldDriver11Intel 32IDriverT.exe
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:ProgramJavajre6binjqs.exe
O23 – Service: PC Tools Auxiliary Service (sdAuxService) – PC Tools – C:ProgramSpyware DoctorpctsAuxs.exe
O23 – Service: PC Tools Security Service (sdCoreService) – PC Tools – C:ProgramSpyware DoctorpctsSvc.exe


End of file – 5223 bytes

Avatar
Snorch
Medlem
Medlem
Forum Posts: 8881
Member Since:
mars 14, 2001
sp_UserOfflineSmall Offline
1249940
maj 20, 2010 - 2:54 e m
sp_Permalink sp_Print

Googlar man efter ”temp svchost.exe” hittar man en jäkla massa sidor med liknande problem som du har, och minst lika många förslag på lösningar. Verkar kunna vara lite alla möjlig saker som åstadkommer dessa problem.
Börja läs lite i den här tråden, och prova tipsen som finns där, bla programmet Hitmanpro.
http://www.techspot.com/vb/top…..40137.html
Här några andra förslag: Lång länk

This topic is locked
Forum Timezone: Europe/Stockholm

Most Users Ever Online: 694

Currently Online:
82 Guest(s)

Currently Browsing this Page:
1 Guest(s)

Top Posters:

Andreas Galistel: 16287

Jonas Klar: 15897

ilg@dd: 10810

Nyhet: 10607

Mind: 10550

Ctrl: 10355

Gueno: 9881

Guest: 9344

Snorch: 8881

Callister: 8468

Newest Members:

best bills

Michael47131

lewca rdoza

Chanson Water

hien nguyen

jeewan garg

phanmanhz

Marilyn ruth

pkinpum

Kimi

Forum Stats:

Groups: 11

Forums: 59

Topics: 146630

Posts: 1300967

 

Member Stats:

Guest Posters: 1

Members: 78028

Moderators: 0

Admins: 11

Administrators: nordicadmin, Henrik Berntsson, Anton Karmehed, Carl Holmberg, Joel Oscarsson, Mikael Linnér, Mikael Schwartz, Andreas Paulsson, Nickebjrk, Mattias Pettersson, EmxL