2008-06-29, 16:13
#1
Kan någon vara snäll och tyda min hijackthis eftersom min dator verkar
Program stängs ner automatiskt m.m.
Program stängs ner automatiskt m.m.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:04:41, on 2008-06-29
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
E:\WINDOWS.0\System32\smss.exe
E:\WINDOWS.0\system32\winlogon.exe
E:\WINDOWS.0\system32\services.exe
E:\WINDOWS.0\system32\lsass.exe
E:\WINDOWS.0\system32\svchost.exe
E:\WINDOWS.0\System32\svchost.exe
E:\WINDOWS.0\system32\spoolsv.exe
E:\Program\Creative\Shared Files\CTAudSvc.exe
E:\Program\Bonjour\mDNSResponder.exe
E:\Program\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\WINDOWS.0\system32\nvsvc32.exe
E:\WINDOWS.0\system32\IoctlSvc.exe
E:\WINDOWS.0\system32\PnkBstrA.exe
E:\WINDOWS.0\system32\PnkBstrB.exe
E:\WINDOWS.0\system32\wuauclt.exe
E:\WINDOWS.0\Explorer.EXE
E:\Program\BillP Studios\WinPatrol\winpatrol.exe
E:\Program\ESET\ESET NOD32 Antivirus\egui.exe
E:\Program\Windows Sidebar\sidebar.exe
E:\WINDOWS.0\system32\ctfmon.exe
E:\Program\Stardock\ObjectDock\ObjectDock.exe
E:\Program\Windows Sidebar\sidebar.exe
E:\Program\Windows Sidebar\sidebar.exe
E:\Program\Mozilla Firefox\firefox.exe
E:\Program\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [WinPatrol] E:\Program\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "E:\Program\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [TransBar] E:\Program\AKSoftware\TransBar\TransBar.exe /s
O4 - HKCU\..\Run: [Sidebar] E:\Program\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS.0\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\Run: [TransBar] E:\Program\AKSoftware\TransBar\TransBar.exe /s (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O4 - Startup: Skärmurklipp och start för OneNote 2007.lnk = E:\Program\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Stardock ObjectDock.lnk = E:\Program\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://E:\Program\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - E:\Program\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - E:\Program\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - E:\Program\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - E:\WINDOWS.0\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS.0\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS.0\system32\PnkBstrB.exe
--
End of file - 5192 bytes
Scan saved at 16:04:41, on 2008-06-29
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
E:\WINDOWS.0\System32\smss.exe
E:\WINDOWS.0\system32\winlogon.exe
E:\WINDOWS.0\system32\services.exe
E:\WINDOWS.0\system32\lsass.exe
E:\WINDOWS.0\system32\svchost.exe
E:\WINDOWS.0\System32\svchost.exe
E:\WINDOWS.0\system32\spoolsv.exe
E:\Program\Creative\Shared Files\CTAudSvc.exe
E:\Program\Bonjour\mDNSResponder.exe
E:\Program\ESET\ESET NOD32 Antivirus\ekrn.exe
E:\WINDOWS.0\system32\nvsvc32.exe
E:\WINDOWS.0\system32\IoctlSvc.exe
E:\WINDOWS.0\system32\PnkBstrA.exe
E:\WINDOWS.0\system32\PnkBstrB.exe
E:\WINDOWS.0\system32\wuauclt.exe
E:\WINDOWS.0\Explorer.EXE
E:\Program\BillP Studios\WinPatrol\winpatrol.exe
E:\Program\ESET\ESET NOD32 Antivirus\egui.exe
E:\Program\Windows Sidebar\sidebar.exe
E:\WINDOWS.0\system32\ctfmon.exe
E:\Program\Stardock\ObjectDock\ObjectDock.exe
E:\Program\Windows Sidebar\sidebar.exe
E:\Program\Windows Sidebar\sidebar.exe
E:\Program\Mozilla Firefox\firefox.exe
E:\Program\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = *.local
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - E:\Program\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [WinPatrol] E:\Program\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE E:\WINDOWS.0\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [egui] "E:\Program\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [TransBar] E:\Program\AKSoftware\TransBar\TransBar.exe /s
O4 - HKCU\..\Run: [Sidebar] E:\Program\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS.0\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-19\..\Run: [TransBar] E:\Program\AKSoftware\TransBar\TransBar.exe /s (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS.0\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMIDI] MIDIDEF.EXE /s:'Creative SoundFont Synthesizer' /w:'SB Audigy' (User 'Default user')
O4 - Startup: Skärmurklipp och start för OneNote 2007.lnk = E:\Program\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: Stardock ObjectDock.lnk = E:\Program\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://E:\Program\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Skicka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Ski&cka till OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - E:\Program\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Program\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - E:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - E:\Program\MICROS~2\Office12\GR99D3~1.DLL
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - E:\Program\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - E:\Program\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - E:\Program\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - E:\Program\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program\Delade filer\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS.0\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - E:\WINDOWS.0\system32\IoctlSvc.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS.0\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS.0\system32\PnkBstrB.exe
--
End of file - 5192 bytes
