Internet has slowed down and the computer won't shut down, HJT log

Thread in the Viruses and malware - HijackThis logs section. Thread started by Powerplus on 30.12.2007.

  1. Powerplus

    Powerplus Member

    Joined:
    30.04.2006
    Posts:
    59
    Thanks:
    0
    Points:
    16
    The internet has slowed down a lot, and when I try to shut down the computer, it won't shut down. Here is the HJT log for review:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:23:31, on 30.12.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\CameraAssistant.exe
    C:\WINDOWS\system32\ElkCtrl.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\ATI-CPanel\atiptaxx.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
    C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    C:\Program Files\Last.fm\LastFMHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Wolfenstein - Enemy Territory\ET.exe
    C:\WINDOWS\system32\PnkBstrB.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Hjt\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O2 - BHO: (no name) - {FFFFFEF0-5B30-21D4-945D-000000000000} - C:\PROGRA~1\STARDO~1\SDIEInt.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
    O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
    O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\wianmpa.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [Contact Manager Alerts] C:\Program Files\Contact Manager 2007\Alerts.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
    O4 - Global Startup: hp psc 1000 series.lnk = ?
    O4 - Global Startup: hpoddt01.exe.lnk = ?
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Download with Star Downloader - C:\Program Files\Star Downloader\sdie.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 8340 bytes
     
  3. Powerplus

    Powerplus Member

    and nobody can help :`(
     
  4. Hujo

    Hujo Guest

    1. Download combofix.exe to your desktop from either of these links:
    combofix1
    combofix2

    2. Double-click the combofix.exe file and follow the instructions.
    3. When the tool has finished, it produces a log. Post this log in your thread.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.
     
  5. Powerplus

    Powerplus Member

    ComboFix 07-12-31.4 - Anne 2007-12-31 15:44:50.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.532 [GMT 2:00]
    Running from: C:\Documents and Settings\Anne\Työpöytä\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\regedit.com
    C:\WINDOWS\system32\taskmgr.com

    .
    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2007-11-28 to 2007-12-31 )))))))))))))))))
    .

    2007-12-31 15:43 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-12-31 14:26 . 2007-12-31 14:26 <KANSIO> d-------- C:\Program Files\Lavalys
    2007-12-31 00:15 . 2007-12-31 14:08 <KANSIO> d-------- C:\Program Files\SpeedFan
    2007-12-31 00:15 . 2007-12-31 00:15 45 --a------ C:\WINDOWS\system32\initdebug.nfo
    2007-12-29 00:06 . 2007-12-29 00:08 <KANSIO> d-------- C:\Program Files\Mopokorttikoulu
    2007-12-24 00:32 . 2007-12-24 00:32 <KANSIO> d-------- C:\Program Files\Astonsoft
    2007-12-24 00:32 . 2007-12-24 00:35 <KANSIO> d-------- C:\Documents and Settings\Anne\Application Data\DeepBurner
    2007-12-24 00:25 . 2007-12-24 00:29 <KANSIO> d-------- C:\Program Files\Elaborate Bytes
    2007-12-24 00:25 . 2007-12-24 00:25 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Elaborate Bytes
    2007-12-24 00:25 . 2007-12-24 00:25 48 --ahs---- C:\WINDOWS\S968E0F0F.tmp
    2007-12-23 21:30 . 2007-12-30 14:51 49 --a------ C:\WINDOWS\NeroDigital.ini
    2007-12-23 21:24 . 2007-12-23 21:35 <KANSIO> d-------- C:\Documents and Settings\Anne\Application Data\Ahead
    2007-12-23 21:16 . 2001-07-09 12:50 155,648 -ra------ C:\WINDOWS\system32\NeroCheck.exe
    2007-12-23 21:14 . 2004-02-03 18:05 1,708,032 --------- C:\WINDOWS\UNNeroVision.exe
    2007-12-23 21:14 . 2004-02-13 17:32 83,537 --------- C:\WINDOWS\UNNeroVision.cfg
    2007-12-23 21:14 . 2001-03-08 19:30 24,064 -ra------ C:\WINDOWS\system32\msxml3a.dll
    2007-12-23 21:13 . 2007-12-23 21:13 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Ahead
    2007-12-23 21:13 . 2001-07-06 15:41 569,344 -ra------ C:\WINDOWS\system32\imagr5.dll
    2007-12-23 21:13 . 2001-07-06 13:44 544,768 -ra------ C:\WINDOWS\system32\imagx5.dll
    2007-12-23 21:13 . 2001-07-06 19:24 283,920 -ra------ C:\WINDOWS\system32\ImagXpr5.dll
    2007-12-23 21:13 . 2001-06-26 09:15 38,912 -ra------ C:\WINDOWS\system32\picn20.dll
    2007-12-23 21:11 . 2004-02-09 13:02 1,765,376 --------- C:\WINDOWS\NuNinst.exe
    2007-12-23 21:11 . 2004-02-13 17:32 47,091 --------- C:\WINDOWS\NuNinst.cfg
    2007-12-23 21:10 . 2007-12-23 21:10 <KANSIO> d-------- C:\WINDOWS\InCD
    2007-12-23 21:10 . 2007-12-23 21:13 <KANSIO> d-------- C:\Program Files\Common Files\Ahead
    2007-12-23 21:10 . 2007-12-23 21:16 <KANSIO> d-------- C:\Program Files\Ahead
    2007-12-23 21:10 . 2004-02-10 14:22 94,320 --------- C:\WINDOWS\system32\drivers\incdfs.sys
    2007-12-23 21:10 . 2004-02-10 14:23 27,408 --------- C:\WINDOWS\system32\drivers\incdpass.sys
    2007-12-23 21:10 . 2004-02-10 14:23 9,555 --------- C:\WINDOWS\system32\drivers\incdrec.sys
    2007-12-21 17:47 . 2007-12-21 17:47 <KANSIO> d---s---- C:\Documents and Settings\Antti..vain minun\UserData
    2007-12-18 23:35 . 2007-12-18 23:35 <KANSIO> d-------- C:\Program Files\ZoneAlarmSB
    2007-12-18 22:48 . 2007-12-30 17:23 <KANSIO> d-------- C:\Hjt
    2007-11-17 13:14 . 2007-11-17 13:14 0 --a------ C:\OrbPVR.db
    2007-11-15 15:39 . 2007-11-15 16:22 <KANSIO> d-------- C:\Program Files\ElastoManiaRegistered
    2007-11-12 15:55 . 2007-12-31 15:48 3,045,408 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2007-11-12 15:55 . 2007-12-31 03:17 36,212 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2007-11-12 15:51 . 2007-11-12 15:51 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2007-11-08 20:48 . 2007-11-08 20:48 3,120 --a------ C:\WINDOWS\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
    2007-11-08 20:48 . 2007-11-08 20:48 3,120 --a------ C:\WINDOWS\f96ac0e5-19d2-42c5-8f68-eb7a99861769.ocx
    2007-11-08 20:33 . 2007-11-08 20:39 766 --a------ C:\CrossHair.ico
    2007-11-07 23:32 . 2007-11-07 23:32 <KANSIO> d-------- C:\Program Files\Runescape Prices
    2007-11-06 22:13 . 2007-12-13 21:04 <KANSIO> d-------- C:\Program Files\Cheat Engine
    2007-11-04 11:33 . 2007-11-04 11:33 <KANSIO> d-------- C:\Program Files\Winamp Toolbar
    2007-11-04 11:33 . 2007-11-16 15:19 <KANSIO> d-------- C:\Program Files\Winamp Remote
    2007-11-04 11:33 . 2007-11-04 11:33 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
    2007-11-04 11:33 . 2007-11-05 14:59 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-12-30 23:45 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2007-12-30 23:45 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2007-12-30 19:14 --------- d-----w C:\Program Files\RevConnect
    2007-12-30 18:24 13,068 ----a-w C:\Documents and Settings\Anne\Application Data\wklnhst.dat
    2007-12-30 16:39 --------- d-----w C:\Program Files\Valve
    2007-12-30 14:59 --------- d-----w C:\Program Files\Wolfenstein - Enemy Territory
    2007-12-28 09:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avg7
    2007-12-24 22:47 --------- d-----w C:\Documents and Settings\Anne\Application Data\uTorrent
    2007-12-21 16:13 4,942 ----a-w C:\Documents and Settings\Antti..vain minun\Application Data\wklnhst.dat
    2007-12-20 21:44 --------- d-----w C:\Program Files\Gabest
    2007-12-15 11:57 --------- d-----w C:\Program Files\Last.fm
    2007-12-15 10:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Grisoft
    2007-11-27 20:28 --------- d-----w C:\Documents and Settings\Anne\Application Data\AVG7
    2007-11-14 14:05 75,248 ----a-w C:\WINDOWS\zllsputility.exe
    2007-11-14 14:05 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
    2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
    2007-11-12 13:42 29,453 ----a-w C:\WINDOWS\Internet Logs\zlclient_2nd_2007_11_12_15_40_46_small.dmp.zip
    2007-11-08 15:06 --------- d-----w C:\Program Files\Electronic Arts
    2007-11-08 15:05 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2007-11-04 09:33 --------- d-----w C:\Program Files\Winamp
    2007-10-29 22:43 1,288,192 ----a-w C:\WINDOWS\system32\quartz.dll
    2007-10-29 14:48 --------- d-----w C:\Program Files\iTunes
    2007-10-29 14:48 --------- d-----w C:\Documents and Settings\All Users\Application Data\Last.fm
    2007-10-25 08:02 111,964 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_10_25_01_14_13_small.dmp.zip
    2007-10-20 04:01 227,328 ----a-w C:\WINDOWS\system32\wmasf.dll
    2007-07-23 08:34 36,325 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_23_05_03_41_small.dmp.zip
    2007-07-19 13:24 120,942 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_19_16_04_18_small.dmp.zip
    2007-07-12 00:21 122,940 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_07_12_01_26_22_small.dmp.zip
    2007-06-26 13:18 20,674,768 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_06_25_14_43_24_full.dmp.zip
    2007-06-24 10:54 120,948 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_06_24_00_42_36_small.dmp.zip
    2007-06-24 10:54 117,450 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_06_24_01_46_48_small.dmp.zip
    2007-05-24 11:57 123,807 ----a-w C:\WINDOWS\Internet Logs\vsmon_2nd_2007_05_23_23_46_29_small.dmp.zip
    2007-05-03 17:38 29,496 ----a-w C:\Documents and Settings\Antti..vain minun\Application Data\GDIPFONTCACHEV1.DAT
    2007-03-18 10:33 29,496 ----a-w C:\Documents and Settings\Anne\Application Data\GDIPFONTCACHEV1.DAT
    .

    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
    2007-10-04 22:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
    2007-12-18 23:35 262144 --a------ C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
    {F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}

    [HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

    [HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 22:06 1135968]
    "{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL [2007-12-18 23:35 262144]

    [HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
    [HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
    [HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

    [HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 14:00 15360]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [2007-03-02 01:11 43008]
    "PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-04-11 17:52 1409024]
    "Contact Manager Alerts"="C:\Program Files\Contact Manager 2007\Alerts.exe" [ ]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
    "Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2007-10-23 02:47 360448]
    "Steam"="C:\Program Files\Valve\Steam\Steam.exe" [2007-12-30 18:47 1266936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-12-09 15:32 225280]
    "LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [2006-01-05 07:58 489472]
    "LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [2006-01-05 08:15 73728]
    "LogitechCameraService(E)"="C:\WINDOWS\system32\ElkCtrl.exe" [2004-11-01 17:22 262144]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2007-12-21 09:35 579072]
    "ATIPTA"="C:\ATI-CPanel\atiptaxx.exe" [2004-05-25 21:10 339968]
    "PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [2006-04-26 08:29 237568]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-26 13:42 267064]
    "WinampAgent"="C:\Program Files\Winamp\wianmpa.exe" [ ]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-11-14 16:05 919016]
    "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-02-10 14:21 1261672]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 14:00 15360]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2007-10-25 10:04 219136]

    C:\Documents and Settings\Antti..vain minun\Käynnistä-valikko\Ohjelmat\Käynnistys\
    Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-10-29 16:47:25]

    C:\Documents and Settings\Anne\Käynnistä-valikko\Ohjelmat\Käynnistys\
    Last.fm Helper.lnk - C:\Program Files\Last.fm\LastFMHelper.exe [2007-10-29 16:47:25]

    C:\Documents and Settings\All Users\Käynnistä-valikko\Ohjelmat\Käynnistys\
    hp psc 1000 series.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe [2003-04-06 01:17:18]
    hpoddt01.exe.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-04-06 01:06:58]
    InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-03-25 12:36:07]
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 01:01:04]

    R1 oreans32;oreans32;C:\WINDOWS\system32\drivers\oreans32.sys [2007-09-16 12:06]
    R3 AN983;ADMtek AN983/AN985/ADM951X 10/100Mbps Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\AN983.sys [2003-04-18 13:45]
    R3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 15:37]
    S3 AF15BDA;AF9015 BDA Filter;C:\WINDOWS\system32\Drivers\AF15BDA.sys []

    *Newly Created Service* - PROCEXP90
    .
    'Ajoitetut tehtävät'-kansion sisältö
    "2007-09-27 17:31:23 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2007-06-05 17:35:57 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1173030592.job"
    - C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
    .
    **************************************************************************

    catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-12-31 15:48:32
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-12-31 15:49:12
    C:\qoobox\ComboFix-quarantined-files.txt 2007-12-31 13:49:10
    .
    2007-12-21 15:26:25 --- E O F ---
     
  6. Hujo

    Hujo Guest

    Scan with HJT, check these entries, and press Fix checked:

    O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL

    In safe mode, delete the folder
    C:\Program Files\ZoneAlarmSB
     
    Last edited by a moderator: 31.12.2007
