Kone alkanut hyytymään, hjt-logia tarkistettavaksi

Elikkäs kannettava on alkanut tahmaamaan pikkuhiljaa. Tässä logi jos joku asian osaava viitsisi vilkaista..?
Kiitos!

---------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 9:18:26, on 29.12.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\ajs\Työpöytä\hijackthis_self\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hp.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Konfabulator.lnk = C:\Program Files\Pixoria\Konfabulator\Konfabulator.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\OProtSvc.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--------------------------------------------------------------

 

Mitään pahaa ei tuosta löydy.


ajan vielä eScan lue ohjeet, päivitä ja scannaa: http://koti.mbnet.fi/pattaya1/escanmwav.htm
Lähetä se alemman laatikon tulokset tänne.

 

Tässäpätämä eScanin logi:

File C:\PROGRA~1\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File
C:\Documents and Settings\ajs\Omat tiedostot\www-sivut\vnc-4_1_1-x86_win32.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4110. No Action Taken.
File
C:\Documents and Settings\ajs\Työpöytä\Omat Docut\Opera\Opera\profile\cache4\opr00238.js infected by "Exploit.HTML.CodeBaseExec" Virus. Action Taken: File Deleted.
File
C:\Documents and Settings\ajs\Työpöytä\Omat Docut\Opera\Opera\profile\cache4\opr003HL.js infected by "Trojan-Downloader.JS.IstBar.j" Virus. Action Taken: File Deleted.
File
C:\Program Files\mIRC\mirc.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\06C43E53.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\35740CD3.tmp infected by "Trojan.Java.ClassLoader.d" Virus. Action Taken: File Deleted.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\3F3833F6.js infected by "Trojan-Downloader.JS.IstBar.j" Virus. Action Taken: File Deleted.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\41AB3C96.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\610325D1.tmp infected by "Trojan.Java.ClassLoader.h" Virus. Action Taken: File Deleted.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\67F3003D.cla infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\68107A1C.cla infected by "Trojan.Java.ClassLoader.Dummy.d" Virus. Action Taken: File Deleted.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\685B3FCA.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\6E30335F.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\709C5CB5.cla infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7D8F5475.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\Program Files\Norton Internet Security\Norton AntiVirus\Quarantine\7E2F5DC5.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\Program Files\Opera\Mail\store\account1\2005-02.mbs infected by "Trojan-Spy.HTML.Bankfraud.dq" Virus. Action Taken: File Deleted.
File
C:\Program Files\VNC Viewer\vnc-4.0-x86_win32_viewer.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File
C:\System Volume Information\_restore{4987A400-9161-4B27-A8D0-A4BA9F4E9FC1}\RP159\A0031904.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\System Volume Information\_restore{4987A400-9161-4B27-A8D0-A4BA9F4E9FC1}\RP159\A0031914.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\System Volume Information\_restore{4987A400-9161-4B27-A8D0-A4BA9F4E9FC1}\RP159\A0031917.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\System Volume Information\_restore{4987A400-9161-4B27-A8D0-A4BA9F4E9FC1}\RP184\A0035676.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\System Volume Information\_restore{4987A400-9161-4B27-A8D0-A4BA9F4E9FC1}\RP184\A0035677.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\System Volume Information\_restore{4987A400-9161-4B27-A8D0-A4BA9F4E9FC1}\RP184\A0035678.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\System Volume Information\_restore{4987A400-9161-4B27-A8D0-A4BA9F4E9FC1}\RP184\A0035679.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File
C:\System Volume Information\_restore{4987A400-9161-4B27-A8D0-A4BA9F4E9FC1}\RP184\A0035680.exe infected by "Trojan-Downloader.Win32.Small.bws" Virus. Action Taken: File Deleted.
File

 

Jos tuo VNC ei ole itse asentamasi, poista se. Muuten tuo on ok.

 

On itse asennettu ja käytössä..
Kiitos tarkistuksesta

Täytynee alkaa hommaamaan lisää muistia ton tukkoisuuden hoitoon..

 

Olekos muuten eheyttänyt levyä aikoihin ja poistanut turhat temp tiedostot sun muut historiat koneelta?