Windows jämähtää alkukäynnityksen jälkeen HELP!

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by REDemptio, Jul 8, 2009.

Thread Status:
Not open for further replies.
  1. REDemptio

    REDemptio Member

    Joined:
    Oct 17, 2004
    Messages:
    86
    Likes Received:
    0
    Trophy Points:
    16
    Tossa toisessa viestissä olen koittanut pyytää apua mutta ei ole löytynyt, joten ajattelin tätäkin kokeilla. Tässä linkki toiseen viestiini:
    http://keskustelu.afterdawn.com/t.cfm/f-122/wintoosa_xp_kaynnistyy_tyopoydalle_ja_jamahtaa-783731/

    HJT-logi:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:29:50, on 8.7.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    J:\WINDOWS\System32\smss.exe
    J:\WINDOWS\system32\winlogon.exe
    J:\WINDOWS\system32\services.exe
    J:\WINDOWS\system32\lsass.exe
    J:\WINDOWS\system32\Ati2evxx.exe
    J:\WINDOWS\system32\svchost.exe
    J:\WINDOWS\System32\svchost.exe
    J:\WINDOWS\system32\svchost.exe
    J:\WINDOWS\system32\ZoneLabs\vsmon.exe
    J:\WINDOWS\system32\Ati2evxx.exe
    J:\WINDOWS\Explorer.EXE
    J:\Program Files\Avast4\aswUpdSv.exe
    J:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    J:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    J:\Program Files\Avast4\ashServ.exe
    J:\WINDOWS\system32\spoolsv.exe
    J:\Program Files\CheckPoint\ZAForceField\ForceField.exe
    J:\Program Files\CheckPoint\ZAForceField\ISWMGR.exe
    J:\Program Files\CheckPoint\ZAForceField\ISWMGR.exe
    J:\Program Files\Java\jre6\bin\jqs.exe
    J:\Program Files\BUFFALO\NASNAVI\nassvc.exe
    J:\WINDOWS\system32\PnkBstrA.exe
    J:\WINDOWS\system32\svchost.exe
    J:\Program Files\Avast4\ashMaiSv.exe
    J:\Program Files\Avast4\ashWebSv.exe
    J:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    J:\Program Files\Unlocker\UnlockerAssistant.exe
    J:\WINDOWS\RTHDCPL.EXE
    J:\PROGRA~1\Avast4\ashDisp.exe
    J:\Program Files\Gigabyte\ET5Pro\GUI.exe
    J:\Program Files\BOINC\boincmgr.exe
    J:\Program Files\BOINC\boinctray.exe
    J:\Program Files\Gmail Notifier\gnotify.exe
    J:\Program Files\Java\jre6\bin\jusched.exe
    J:\WINDOWS\System32\svchost.exe
    J:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    J:\WINDOWS\system32\ctfmon.exe
    J:\Program Files\Advanced SystemCare 3\AWC.exe
    J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    J:\Program Files\DAEMON Tools Lite\daemon.exe
    J:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    J:\Program Files\BOINC\boinc.exe
    J:\Program Files\Logitech\SetPoint\SetPoint.exe
    J:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
    J:\Program Files\BUFFALO\NASNAVI\nassche.exe
    J:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    J:\Program Files\Trillian\trillian.exe
    J:\Program Files\Memeo\AutoBackup\MemeoBackup.exe
    J:\Program Files\Mozilla Firefox\firefox.exe
    J:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE
    J:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://192.168.0.1/
    O2 - BHO: ForceField Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - J:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - J:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - J:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: (no name) - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - (no file)
    O3 - Toolbar: ForceField Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - J:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
    O4 - HKLM\..\Run: [UnlockerAssistant] J:\Program Files\Unlocker\UnlockerAssistant.exe -H
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [EasyTuneVPro] J:\Program Files\Gigabyte\ET5Pro\ETcall.exe
    O4 - HKLM\..\Run: [Ad-Watch] J:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    O4 - HKLM\..\Run: [avast!] J:\PROGRA~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [boincmgr] "J:\Program Files\BOINC\boincmgr.exe" /a /s
    O4 - HKLM\..\Run: [boinctray] "J:\Program Files\BOINC\boinctray.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] J:\Program Files\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "J:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [ZoneAlarm Client] "J:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [ISW] "J:\Program Files\CheckPoint\ZAForceField\ForceField.exe" /start_mode="auto"
    O4 - HKLM\..\Run: [StartCCC] "J:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKCU\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Advanced SystemCare 3] "J:\Program Files\Advanced SystemCare 3\AWC.exe" /startup
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "J:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
    O4 - S-1-5-18 Startup: BUFFALO NAS Navigator.lnk = J:\Program Files\BUFFALO\NASNAVI\NasNavi.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: Memeo AutoBackup Launcher.lnk = ? (User 'SYSTEM')
    O4 - S-1-5-18 Startup: NAS Scheduler.lnk = J:\Program Files\BUFFALO\NASNAVI\nassche.exe (User 'SYSTEM')
    O4 - S-1-5-18 Startup: Trillian.lnk = J:\Program Files\Trillian\trillian.exe (User 'SYSTEM')
    O4 - .DEFAULT Startup: BUFFALO NAS Navigator.lnk = J:\Program Files\BUFFALO\NASNAVI\NasNavi.exe (User 'Default user')
    O4 - .DEFAULT Startup: Memeo AutoBackup Launcher.lnk = ? (User 'Default user')
    O4 - .DEFAULT Startup: NAS Scheduler.lnk = J:\Program Files\BUFFALO\NASNAVI\nassche.exe (User 'Default user')
    O4 - .DEFAULT Startup: Trillian.lnk = J:\Program Files\Trillian\trillian.exe (User 'Default user')
    O4 - Startup: BUFFALO NAS Navigator.lnk = J:\Program Files\BUFFALO\NASNAVI\NasNavi.exe
    O4 - Startup: Memeo AutoBackup Launcher.lnk = ?
    O4 - Startup: NAS Scheduler.lnk = J:\Program Files\BUFFALO\NASNAVI\nassche.exe
    O4 - Startup: Trillian.lnk = J:\Program Files\Trillian\trillian.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = J:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = J:\Program Files\Logitech\SetPoint\SetPoint.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - J:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - J:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - J:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - J:\Program Files\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - J:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - J:\Program Files\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - J:\Program Files\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - J:\Program Files\Avast4\ashWebSv.exe
    O23 - Service: ForceField IswSvc (IswSvc) - Check Point Software Technologies - J:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - J:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - J:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - J:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: NAS PM Service (NasPmService) - BUFFALO INC. - J:\Program Files\BUFFALO\NASNAVI\nassvc.exe
    O23 - Service: PnkBstrA - Unknown owner - J:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: ServiceLayer - Nokia. - J:\Program Files\Nokia\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - J:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8419 bytes
     
    REDemptio, Jul 8, 2009
    #1
Thread Status:
Not open for further replies.

Share This Page