System volume ja virus vai onko

Tervehdys !.en tiedä onko vakavaa mutta koneeni ilmoittaa aina ajastetulla tarkistuksella seuraavaa. C:\System Volume Information\_restore{9078A722-B002-477E-AFB0-9A24BC8BED98}\RP169\A0058308.dll\A0058308 Virustartunta: Trojan-Downloader.ja kun suoritan manuaalisen skannauksen koneella niin kaikki näyttää olevan ok.kävin koneen (WinXP) Hijackillä. ja tässä on logi.olisko ketään joka osaa auttaa.? että tietää mitä voi ja kannattaa poistaa.KIITOS

Logfile of HijackThis v1.99.1
Scan saved at 11:54:48, on 26.9.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguiexe.exe
C:\--PASK~1\SONYMP~1\SsAAD.exe
C:\--PASKAA ELI TÄNNE KAIKKI\netlimiter 1.30\NetLimiter\NetLimiter.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\--PASK~1\SPYWAR~1\SPYWAR~1\swdoctor.exe
C:\Program Files\DC++\DCPlusPlus.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\harri\Työpöytä\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local.,
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\--PASK~1\SPYWAR~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\--PASK~1\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\--PASK~1\SONYMP~1\SsAAD.exe
O4 - HKLM\..\Run: [DataLayer] C:\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [NetLimiter] C:\--PASKAA ELI TÄNNE KAIKKI\netlimiter 1.30\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\--PASK~1\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.com/save/makeover.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: bw+0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - Unknown owner - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

 

Loki on kunnossa, sulla on vaan toi troijalainen järjestelmän palautus-kansiossa. Haepa tuolta -> http://koti.mbnet.fi/pattaya1/escanmwav.htm eScan, asenna ja päivitä sivulla olevien ohjeiden mukaan ja sitten skannaa sillä. Skannauksen jälkeen lähetä eScanin loki tänne (ohje tuolla sivulla, alin kuva ja sen yläpuolella oleva teksti). eScan osaa poistaa pöpöt myös järjestelmän palautus-kansiosta.

 

eScan on hyvä... eikös sen -kemisti- saa tollakin:

Ota järjestelmän palautus / system restore pois päältä ja palauta asetukset. Ohje ===>
http://www.virustorjunta.net/module...es=Yleisohjeita+ongelmatilanteiden+ratkaisuun

 

@Sean_: Kyllä saa. Tossa eScanissa on vaan se etu, että silloin ei menetä noita aiempia palautuspisteitä. Mutta periaatteessa kumpi vaan tapa käy

 

Aivan. Ja yleensä eScan on löytäny jotain muita pieniä yllätyksiä siinä samalla =)

 

@Sean_: Näin on kokemus osoittanut, kyllä

 

no tässäpä tämä eScan logi nyt on.

File C:\Documents and Settings\harri\Application Data\Bib program poll\hohceozv.exe tagged as not-a-virus:AdWare.Lop.j. No Action Taken.

ja tässä on vielä files scanned lista.

Mon Sep 26 17:21:16 2005 => Checking for Pagabot Virus...
Mon Sep 26 17:21:16 2005 => Checking for Parite.b Virus...
Mon Sep 26 17:21:16 2005 => Checking for Parite.a Virus...

Mon Sep 26 17:21:16 2005 => ***** Scanning complete. *****
Mon Sep 26 17:21:17 2005 => Total Number of Files Scanned: 151179
Mon Sep 26 17:21:17 2005 => Total Number of Virus(es) Found: 1
Mon Sep 26 17:21:17 2005 => Total Number of Disinfected Files: 0
Mon Sep 26 17:21:17 2005 => Total Number of Files Renamed: 0
Mon Sep 26 17:21:17 2005 => Total Number of Deleted Files: 0
Mon Sep 26 17:21:17 2005 => Total Number of Errors: 14
Mon Sep 26 17:21:17 2005 => Time Elapsed: 03:11:54
Mon Sep 26 17:21:17 2005 => Virus Database Date: 2005/09/18
Mon Sep 26 17:21:17 2005 => Virus Database Count: 149848

poistaako tämä eScan automaattisesti virukset sun muut turhat vai pitääkö poistaa erikseen käsin?.niin sen kyllä ymmärsin että poistaa itse. niin ja palaan vielä tohon Hijack asetuksiin kun lähetin ton login niin en ollu muuttanut mitään sen asetuksista luin täältä toisaalta että toi generate startuplist sais ruksata molemmat,ja entäs alempana olevasta advacend settingistä sielä olis kans pari ruksattavaa kohtaa,olisko nekin hyvä olla ruksattuna?.ja meillä on koneella kaksi käyttäjää eli olisko hyvä lähettää toinenki Hijack-logi ?.niin ja vielä kuinka usein tällä eScannilla voi koneen ajaa esim. kerran viikossa? vai vaan silloin kun ongelmia ilmenee.
mutta suuret kiitokset tähän astisista/tulevista neuvoista te kyllä tiedätte mitä puhutte.

 

Joo, ton lopin voit poistaa käsin eli poista hakemisto
C:\Documents and Settings\harri\Application Data\==>Bib program poll<==
vikasietotilassa (eli F8 käynnistyksen yhteydessä).

Virukset poistaa automaattisesti, mainos- ym. ohjelmat (kuten tuo lop) pitää poistaa käsin.

Ei tartte yleensä suoraan olla, jos ei muuten lokista näy, niin sitten voi pyytää ruksaamaan

Voihan sen juu ihan hyvin laittaa myös toisen käyttäjän puolelta.

Niin usein kun itse haluaa Itse scannaan kerran viikossa.

 

no niin se kansio löytyi sieltä piilosta lopultakin toivottavasti ei enää vaivaamaan.ja tässä olis toisen käyttäjän Hijack - logi

Logfile of HijackThis v1.99.1
Scan saved at 21:10:49, on 26.9.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguiexe.exe
C:\--PASK~1\SONYMP~1\SsAAD.exe
C:\--PASKAA ELI TÄNNE KAIKKI\netlimiter 1.30\NetLimiter\NetLimiter.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\DC++\DCPlusPlus.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\--PASK~1\SONYMP~1\SsAAD.exe
C:\--PASKAA ELI TÄNNE KAIKKI\netlimiter 1.30\NetLimiter\NetLimiter.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguiexe.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\--PASK~1\SPYWAR~1\SPYWAR~1\swdoctor.exe
C:\WINDOWS\system32\dwwin.exe
C:\Documents and Settings\gun-may\Työpöytä\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.greatstartpage.com/search_page.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.greatstartpage.com/search_page.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\--PASK~1\SPYWAR~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\--PASK~1\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [SsAAD.exe] C:\--PASK~1\SONYMP~1\SsAAD.exe
O4 - HKLM\..\Run: [NetLimiter] C:\--PASKAA ELI TÄNNE KAIKKI\netlimiter 1.30\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\nbj.exe"
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\--PASK~1\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://makeover.ivillage.com/save/makeover.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O18 - Protocol: bw+0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F47BE5E8-3CF1-4D29-A4E2-585A612EF7A0} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - Unknown owner - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe

toivottavasti on puhdas

 

Siirrä HjT omaan kansioonsa C:n juureen näin C:\HjT\HijackThis.exe

Merkkaa nuo, sulje selain ja muut ikkunat, klikkaa Fix
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.greatstartpage.com/search_page.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.greatstartpage.com/search_page.html
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab

Minusta tuo Logitech Desktop Messenger joutaisi poistoon, mutta se nyt on vain mielipiteeni, ei siis ole örkki.

 

no nii..poistin kaikki sen minkä neuvoit ja vielä sen logitech desktop..in.että kaikki pitäis olla kunnossa.
pari asiaa jäi vähä kaivelemaan koska asia kiinnostaa
tämä eScan pitää vissiin päivittää joka kerta kun sitä käyttää ?
ja toinen asia tosta HjT:stä (Siirrä HjT omaan kansioonsa C:n juureen näin C:\HjT\HijackThis.exe) miksi näin ? miksei voi olla esim työpöydällä.laitoin kyllä omaan kansioon c/lle.

 

Joo, eScanniin tulee päivityksiä tiuhaantahtiin eli kannattaa aina päivittää.
Tuolla HjT:stä
http://koti.mbnet.fi/pattaya1/hijackthis.htm#Asennus

 

minä taas täälä huolineni.asensin ton spyspot search & destroyn joka on mulla ollu aikaisemminkin koneella,poistin sen silloin aikaisemmin sen takia koska yleensä poistin kaiken minkä spyspot löysi ja niin lakkasi f-secure päivittämästä itseään ja muutenki toimi jotenki vajaasti.asensin f-securen uudestaan ja ajoin taas tolla spyspotilla niin sama juttu.silloin sen heitin roskiin.
ja nyt oon asentanut uudestaan ja muistaakseni nämä mitä se nyt löytää on juuri samoja mitä silloin aikoinani poistin.eli mitä ne ovat kannattaako vain ohittaa nämä.
tässä on siitä logi.

BackWeb lite: File extension (Registry key, nothing done)
HKEY_CLASSES_ROOT\bwpfile

BackWeb lite: File extension (Registry key, nothing done)
HKEY_CLASSES_ROOT\.bwp

BackWeb lite: Global settings (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\BackWeb

BackWeb lite: User settings (Registry key, nothing done)
HKEY_USERS\.DEFAULT\Software\BackWeb

BackWeb lite: User settings (Registry key, nothing done)
HKEY_USERS\S-1-5-21-336809978-3009342548-3091673561-1005\Software\BackWeb

BackWeb lite: User settings (Registry key, nothing done)
HKEY_USERS\S-1-5-18\Software\BackWeb

BackWeb lite: Netscape viewer (Registry value, nothing done)
HKEY_USERS\.DEFAULT\Software\Netscape\Netscape Navigator\Viewers\application/x-bwpreview

BackWeb lite: Netscape viewer (Registry value, nothing done)
HKEY_USERS\S-1-5-21-336809978-3009342548-3091673561-1005\Software\Netscape\Netscape Navigator\Viewers\application/x-bwpreview

BackWeb lite: Netscape viewer (Registry value, nothing done)
HKEY_USERS\S-1-5-18\Software\Netscape\Netscape Navigator\Viewers\application/x-bwpreview

Windows Security Center.AntiVirusOverride: Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride!=dword:0

BackWeb lite: Interface (IBackWebDisplaySettings4_2) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{001B3F20-D866-11D1-8B4C-00609761C47A}

BackWeb lite: Interface (IBackWebChannel4_2) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{025632A0-BCEC-11D1-8B35-00609761C47A}

BackWeb lite: Interface (IBackWebDirectoryEntry) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{0C6E0440-0B50-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebDownloadTimeConstraint) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{0D1F7C83-8123-11D0-B5CA-0000B43698D6}

BackWeb lite: Interface (IBackWebDownloadTimeConstraintCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{0D1F7C84-8123-11D0-B5CA-0000B43698D6}

BackWeb lite: Interface (IBackWebExtension) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{0F4FE440-983F-11D0-9B9C-444553540000}

BackWeb lite: Interface (IBackWebGeneralSettings) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{12473FC3-61A7-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWebDialerSettings) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{12473FC4-61A7-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWebCommSettings) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{12473FC5-61A7-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWebDisplaySettings) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{12473FC6-61A7-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWebSetup) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{12473FC7-61A7-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWebDirectory) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{15030BC0-0B52-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebStoryFieldCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{1D91D9E0-004B-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWeb2) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{23F43240-F78D-11D0-9A50-00AA004812C2}

BackWeb lite: Interface (IBackWebInfoPakDownloadServices) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2DE07D90-DC04-11D0-A875-0000B43699FC}

BackWeb lite: Interface (IBackWebSetupNotifications) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2F099AF0-6329-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWebChannelTableNotifications) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{2F523082-5A0B-11D0-9B9C-444553540000}

BackWeb lite: Interface (IBackWebSetup4) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{3667E7B0-4F28-11D1-8ADB-00609761C47A}

BackWeb lite: Interface (IBackWebFileAccess) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{3AF78A6E-6F14-11D1-A884-0000B43699FC}

BackWeb lite: Interface (IBackWebInfoPakFilesCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{3AF78A71-6F14-11D1-A884-0000B43699FC}

BackWeb lite: Interface (IBackWebInfoPakFile) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{3AF78A74-6F14-11D1-A884-0000B43699FC}

BackWeb lite: Interface (IBackWebOpenInfoPakFile) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{3AF78A77-6F14-11D1-A884-0000B43699FC}

BackWeb lite: Interface (IBackWebDirectoryNotifications) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{41CEBDC0-32C1-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebStoryTableNotifications) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{44230BC0-3105-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebInfoPakNotifications) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{4A3666F3-5F2D-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWeb) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{53FCF355-5323-11D0-A864-0000B43699FC}

BackWeb lite: Interface (IBackWebChannelCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{53FCF35A-5323-11D0-A864-0000B43699FC}

BackWeb lite: Interface (IBackWebChannel) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{53FCF35B-5323-11D0-A864-0000B43699FC}

BackWeb lite: Interface (IBackWebStoryField) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{5B1E13A0-004B-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebDirectoryEntryCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{5DF6CE40-0B50-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebFileAccessViaDir) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{608FE360-6FB2-11D1-A885-0000B43699FC}

BackWeb lite: Interface (IBackWebInfoPak4_2) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{610141C2-7701-11D1-B042-004095903824}

BackWeb lite: Interface (IBackWebAlertSettings) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{72B62B40-17D1-11D1-96A7-F8E906C10000}

BackWeb lite: Interface (IBackWeb4) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{740904E0-0BFB-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebPlayer) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{8028B940-4932-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebAllInfoPakCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{8131F530-649E-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWebChannelDownloadServices) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9132E380-DC21-11D0-A875-0000B43699FC}

BackWeb lite: Interface (IBackWebItemDownloadServices) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{93BF8F00-DBE8-11D0-A875-0000B43699FC}

BackWeb lite: Interface (IBackWebChannel2) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9647FB70-DC0F-11D0-A875-0000B43699FC}

BackWeb lite: Interface (IBackWebStoryCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9DB46422-FF61-11D0-9951-444553540000}

BackWeb lite: Interface (IBackWebAllStoryCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9DB46423-FF61-11D0-9951-444553540000}

BackWeb lite: Interface (IBackWebStory) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{9DB46424-FF61-11D0-9951-444553540000}

BackWeb lite: Interface (IBackWebChannelVariableCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{A4BC67F0-6C90-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWebChannel4) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{AEE96320-2131-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebCommunications) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{BAD37BC0-2231-11D1-9951-444553540000}

BackWeb lite: Interface (IBackWebChannelCollection4) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{BCD0C200-69C1-11D1-8AF8-00609761C47A}

BackWeb lite: Interface (IBackWebFilterSettings) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{C8CEEEE0-17D6-11D1-96A7-F8E906C10000}

BackWeb lite: Interface (IBackWebApplicationNotifications) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{D0894D60-6C6C-11D0-A866-0000B43699FC}

BackWeb lite: Interface (IBackWebGeneralSettings2) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{E01AD640-F87D-11D0-9A50-00AA004812C2}

BackWeb lite: Interface (IBackWebInfoPakCollection) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{EB1FFFC1-5688-11D0-A865-0000B43699FC}

BackWeb lite: Interface (IBackWebInfoPak) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{EB1FFFC2-5688-11D0-A865-0000B43699FC}

BackWeb lite: Interface (IBackWebChannelVariable) (Registry key, nothing done)
HKEY_LOCAL_MACHINE\Software\Classes\Interface\{FEFCA7F0-6C8E-11D0-A866-0000B43699FC}


--- Spybot - Search & Destroy version: 1.4 (build: 20050523) ---

2005-05-31 blindman.exe (1.0.0.1)
2005-05-31 SpybotSD.exe (1.4.0.3)
2005-05-31 TeaTimer.exe (1.4.0.2)
2005-09-28 unins000.exe (51.41.0.0)
2005-05-31 Update.exe (1.4.0.0)
2005-05-31 advcheck.dll (1.0.2.0)
2005-05-31 aports.dll (2.1.0.0)
2005-05-31 borlndmm.dll (7.0.4.453)
2005-05-31 delphimm.dll (7.0.4.453)
2005-05-31 SDHelper.dll (1.4.0.0)
2005-05-31 Tools.dll (2.0.0.2)
2005-05-31 UnzDll.dll (1.73.1.1)
2005-05-31 ZipDll.dll (1.73.2.0)
2005-09-23 Includes\Cookies.sbi (*)
2005-09-23 Includes\Dialer.sbi (*)
2005-09-23 Includes\Hijackers.sbi (*)
2005-09-23 Includes\Keyloggers.sbi (*)
2004-11-29 Includes\LSP.sbi (*)
2005-09-23 Includes\Malware.sbi (*)
2005-09-23 Includes\PUPS.sbi (*)
2005-09-23 Includes\Revision.sbi (*)
2005-09-23 Includes\Security.sbi (*)
2005-09-23 Includes\Spybots.sbi (*)
2005-02-17 Includes\Tracks.uti
2005-09-23 Includes\Trojans.sbi (*)

 

Älä missään nimessä poista niitä.Laita BackWeb lite ohitettavien listalle seuraavasti: Spybotissa Mode -> advanced mode-> settings -> ohitettavat kohteet. Etsi BackWeb Lite ja laita rasti eteem. Nyt ei enää Spybot yritä poistaa BackWeb liteä.

 

hyvä tietää no entäs siinä samassa skannauksessa tuleva Windows Security Center.AntiVirusOverride 1 entries ja siitä aukee tällanen
HKEY_LOCAL_MACHINE\SOFTVARE\Microsoft\Sec...
KIITOKSET TAAS SINNE

 

Jos virustentorjuntaohjelma toimii ok, niin laita tämä ->
Windows Security Center.AntiVirusOverride samalla tavalla ohitettavien listalle kuin BackWeb Lite. Oletko valinnut Tietoturvakeskuksessa, että "käytössä on virustentorjuntaohjelma, jota valvon itse"?

 

en ole valinnut Tietoturvakeskuksessa mitään kuinka tarkoitat jos sais sen neuvon niinku rautalangasta vääntäen

 

Saa toki Eli jos menet Ohjauspaneeli -> Tietoturvakeskus ja siellä Virusten torjunta ja Suositukset..., niin onko rasti kohdassa "käytössä on virustentorjuntaohjelma, jota valvon itse"?

 

hehe.. joo kyllä rasti oli sielä "käytössä on virustentorjuntaohjelma, jota valvon itse"

 

Selvä, niin arvelinkin. Sitten voit laittaa tämän -> Windows Security Center.AntiVirusOverride ohitettavien listalle Spybotissa samalla tavalla kuin sen BackWeb Litenkin.