Koneessa saattaa olla virus.

mijuve · 28.01.2009

Tuli yllättäen ilmoitus että virus havaittu, eikä sitä voitu puhdistaa. Kone sitten vain vaihtoi sen nimen, joten en tiiä auttaako se mitään. Hujo auta taas! :S Niin ja viimeksi oli virus jossain sound systemissä ja lopulta hävis äänet, eikä ne palautunu edes äänikortin ajureita uudelleen asennettaessa. Se oli 20€ huolto. Toivottavasti nyt on kyse eri viruksesta.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:55:49, on 28.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\AstSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sonera Tietoturva\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sonera Tietoturva\Common\FCH32.EXE
C:\Program Files\Sonera Tietoturva\Common\FAMEH32.EXE
C:\Program Files\Sonera Tietoturva\Anti-Virus\fsqh.exe
C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
C:\Program Files\Sonera Tietoturva\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Sonera\InternetAvustaja\bin\sprtcmd.exe
C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Sonera Tietoturva\FSGUI\fsguidll.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Sonera Tietoturva\Anti-Virus\FSGK32.EXE
C:\Program Files\Sonera Tietoturva\Anti-Virus\fssm32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://soneraplaza.fi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sonera] "C:\Program Files\Sonera\InternetAvustaja\bin\sprtcmd.exe" /P Sonera
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1215162686265
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O18 - Protocol: bw+0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\AstSrv.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\ORSP Client\fsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (sonera) (sprtsvc_sonera) - SupportSoft, Inc. - C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe

--
End of file - 21079 bytes

AfterDawn

Hujo · 28.01.2009

Poista lisää poista sovelutuksesta

Logitech Desktop Messenger

===========

Scannaa hjt:llä merkkaa paina Fix checked

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe

===============

Lataa Malwarebytes' Anti-Malware työpöydällesi.

1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi

mijuve · 28.01.2009

Malwarebytes kaatuu aina kun pitää valita, mitkä asemat halutaan tarkistaa. Lisäksi en HJT:lla löytänyt enää tuota logiteckdesktopmanageria. Liekkö siitä johtuu että poistin sen lisääpoista sovelluksista.
Yritän vielä tuota MBAW

E: Joo ei onnistu tuo full scan. Pika skannin se sai alotettua mutta ei sitä täysimittaista. Tänää muute mozillaki kaato parisen kertaa mikä on aika harvinaista.

Hujo · 29.01.2009

scannaa uusi hjt:n loki

Scannaa koneesi Kaspersky Online Scannerin

Ohjelman käynnistyessä kysytään sallitaanko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.
" Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
" Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
" Klikkaa nyt asetuksia, Scan Settings
" Tarkista asetuksista, että seuraavat ovat valittuina:
o Scan using the following Anti-Virus database:
+ Extended (Jos valittavissa, muuten valitse Standard)
o Scan Options:
+ Scan Archives
+ Scan Mail Bases
" Klikkaa OK
" Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
" Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
" Klikkaa nyt Save as Text-painiketta.
" Tallenna tiedosto työpöydällesi.
" Mikäli haluat jatkaa asian käsittelyä foorumissa niin kopioi tiedoston sisältö viestiisi.

mijuve · 29.01.2009

Uusin HJT

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:20:35, on 29.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\AstSrv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
C:\Program Files\Sonera Tietoturva\Anti-Virus\FSGK32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sonera Tietoturva\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Sonera\InternetAvustaja\bin\sprtcmd.exe
C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Sonera Tietoturva\Common\FCH32.EXE
C:\Program Files\Sonera Tietoturva\Anti-Virus\fssm32.exe
C:\Program Files\Sonera Tietoturva\Common\FAMEH32.EXE
C:\Program Files\Sonera Tietoturva\Anti-Virus\fsqh.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
C:\Program Files\Sonera Tietoturva\FSGUI\fsguidll.exe
C:\Program Files\Sonera Tietoturva\Anti-Virus\fsav32.exe
C:\Program Files\Sonera Tietoturva\FSAUA\program\fsus.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://soneraplaza.fi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sonera] "C:\Program Files\Sonera\InternetAvustaja\bin\sprtcmd.exe" /P Sonera
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1215162686265
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\AstSrv.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\ORSP Client\fsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (sonera) (sprtsvc_sonera) - SupportSoft, Inc. - C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe

--
End of file - 8264 bytes

Hujo · 29.01.2009

Mikäs on koneen toiminta

mijuve · 29.01.2009

Kone on nyt toiminut ihan ok. Tuo kaspersky ajaa tossa vielä. Tuo logitec juttu, missä se virus tais olla, tulee siinä näppis cd:n mukana. Miten se voi olla niin perseestä se ohjelma? Ei tainnu olla edes eka kerta ku käsket hjt:n kautta poistaa sen.

Se virus ilmoitus oli muuten javan nimissä tai jotai. Pistän sitä kaspersky logia tulee ku valmistuu.

Hujo · 29.01.2009

O18 - Protocol: bwz0 - {05EA141B-EFD5-44CB-B121-0B9FCF6EDB43} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Niin tuo on aivan turhaa edes asentaa koneelle ei pauku kuin mainoksia sieltä.

Kun asentelee Logitechin juttuja niin jättää asennusvaiheessa pois
Logitech Desktop Messengerin.

mijuve · 29.01.2009

Okei. Hyvä tietää tuo. Eli multa ei siis poistunu hiiren ja näppiksen softat selvästikään, mikä on hyvä tietenki. Ihme ku kestää noin kauan tuossa kasperskyssa.
Mitä sen javan kans pitäis tehdä? En pelaa enää mitää java pelejä mutta pelkästään pankkiasiointiin taitaa tarvita...

Hujo · 29.01.2009

Lataa JavaRa ja pura se työpöydällesi.

***Sulje kaikki päällä olevat Internet Explorerin ikkunat ennen jatkamista!***

* Tuplaklikkaa JavaRa.exeä käynnistääksesi ohjelma.
* Valitse English pudotusvalikosta valitaksesi kieleksi englannin ja klikkaa Select.
* Klikkaa Remove Older Versions poistaaksesi vanhat Java-versiot koneeltasi.
* Klikkaa Yes kun pyydetään. Kun JavaRa on valmis, se ilmoittaa, että lokitiedosto on luotu. Klikkaa OK.
* Lokitiedosto avautuu. Lähetä sen sisältö seuraavassa viestissäsi.

==========

anna vain javan olla koneella

käynnistä > ohjuspaneli > avaat javan > settings nappi > delete files > kahessa kohtaan täpit > ok ok ok

mijuve · 29.01.2009

Eli koneessa taitaa sittenkin olla se virus. :/

KASPERSKY ONLINE SCANNER 7 REPORT
Thursday, January 29, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, January 29, 2009 11:02:00
Records in database: 1724238
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 103986
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 01:36:28

File name / Threat name / Threats count
C:\Program Files\TibiaBot NG\hook.0ll Infected: Backdoor.Win32.Agent.vrv 1

The selected area was scanned.

mijuve · 29.01.2009

JavaRa:

JavaRa 1.13 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Thu Jan 29 17:25:22 2009

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: Software\JavaSoft\Java2D\1.6.0_01

Found and removed: Software\JavaSoft\Java2D\1.6.0_03

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

------------------------------------

Finished reporting.

Hujo · 29.01.2009

1.Lataa Combofix.exe työpöydällesi yhdestä linkistä:
Combofix1
Combofix2

älä asenna Palautus consolia
2. Tuplaklikkaa Combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

mijuve · 30.01.2009

Combofix ei suostu käynnistymään vaan se ikkuna näkyy vaan sinisenä. Yritin myös taas sitä antimalwarea ja se lähti käyntiin mutta kaatu saman tien.
Kone meni myös ihan jumiin sen kaatumisen takia ku koitin sitte lopettaa prosessia ja sovellusta ja vaikka mitä ja selainkaan ei auennut. Vittu näitä koneita.

Hujo · 30.01.2009

AVG Anti-Spyware v7.5.1.36

Joskus se on tämmöstä

mijuve · 30.01.2009

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 19:24:54 30.1.2009

+ Scan result:

C:\Documents and Settings\Omistaja\Cookies\omistaja@CALN09FU.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@CAQXN4XP.txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@connextra[2].txt -> TrackingCookie.Connextra : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@search.live[2].txt -> TrackingCookie.Live : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@CAISRR1G.txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@CAB4QRTB.txt -> TrackingCookie.Statistik-gallup : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@cms.trafficmp[1].txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Omistaja\Cookies\omistaja@zedo[1].txt -> TrackingCookie.Zedo : No action taken.

::Report end

Hujo · 30.01.2009

Lataa SUPERAntiSpyware Free Edition asenna ja aja

===========

scannaa uusi hjt:n loki

mijuve · 31.01.2009

Vitsi ku en tajunnu tehdä sitä puhdistusta tolla AVG:llä vissiin. Ajanko senki uudestaan?

Hujo · 31.01.2009

keksit lähtee ccleanerilla

mijuve · 31.01.2009

Ajoin sillä super jutulla ja se löysi jotaki cookiesejä ja poisti ne.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:02:36, on 31.1.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\AstSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
C:\Program Files\Sonera Tietoturva\Anti-Virus\FSGK32.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sonera Tietoturva\Common\FSMB32.EXE
C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sonera Tietoturva\Common\FCH32.EXE
C:\Program Files\Sonera Tietoturva\Anti-Virus\fssm32.exe
C:\Program Files\Sonera Tietoturva\Anti-Virus\fsqh.exe
C:\Program Files\Sonera Tietoturva\Common\FAMEH32.EXE
C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
C:\Program Files\Sonera Tietoturva\FSAUA\program\fsus.exe
C:\Program Files\Sonera Tietoturva\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Sonera\InternetAvustaja\bin\sprtcmd.exe
C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Sonera Tietoturva\FSGUI\fsguidll.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://soneraplaza.fi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Sonera] "C:\Program Files\Sonera\InternetAvustaja\bin\sprtcmd.exe" /P Sonera
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Sonera Tietoturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Sonera Tietoturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1215162686265
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AST Service (astcc) - Nalpeiron Ltd. - C:\WINDOWS\system32\AstSrv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Anti-Virus\fsgk32st.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Sonera Tietoturva\ORSP Client\fsorsp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SupportSoft Sprocket Service (sonera) (sprtsvc_sonera) - SupportSoft, Inc. - C:\Program Files\Sonera\InternetAvustaja\bin\sprtsvc.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe

--
End of file - 8778 bytes

Kirjaudu tai liity jäseneksi

Koneessa saattaa olla virus.

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Jaa tämä sivu

Kirjaudu tai liity jäseneksi

Koneessa saattaa olla virus.

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Hujo Guest

mijuve Guest

Jaa tämä sivu

Hyödyllisiä hakuja