Friends told me that Messenger is sending out strange links. The internet has been slow for a couple of weeks now. I've checked the hard drives with Avast, AVG Anti-Spyware and Spybot - Search & Destroy. At least so far there has been no change in internet speed. If someone would go through this HijackThis log, maybe something odd still shows up there.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:49:22, on 8.9.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Opera\opera.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wscntfy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/english
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 7281 bytes

Thanks in advance.
Uninstall via Add or Remove Programs:
AVG Anti-Spyware 7.5
Spybot - Search & Destroy
===========
Delete these folders in Safe Mode:
C:\Program Files\Grisoft
C:\Program Files\Spybot - Search & Destroy
==============
Scan with HJT, tick the following and press Fix checked:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
=================
Change your Messenger password.
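The reply above does the triage by eye: a BHO whose DLL is "(no file)" is a dead registration that can go straight onto the Fix checked list, a changed start page is worth a look, and autostart entries are judged by where they run from. The following is an added example written for this page, not code from the thread, from the helper or from HijackThis; it runs that same reasoning over HijackThis-style lines. MS_DEFAULT_HOSTS and USER_WRITABLE are this example's own assumptions, and SAMPLE_LOG is constructed: it mixes lines taken from the log above with one made-up O4 entry (updater.exe) so the user-writable check has something to find.

```python
"""Triage pass over HijackThis-style log lines (added example, not HJT code).

Rules, mirroring the hand triage in the reply above:
  * O2 BHO whose DLL reads "(no file)"        -> "fix"    (dead registration)
  * R0/R1 page not on a Microsoft default host -> "review" (a hint, not a verdict)
  * O4 autostart from a user-writable path, or a bare filename that is
    resolved through the search path              -> "review"
"""
import re
from urllib.parse import urlparse

# Assumptions of this example, not something HijackThis defines.
MS_DEFAULT_HOSTS = {"go.microsoft.com", "windowsupdate.microsoft.com", "www.msn.com"}
USER_WRITABLE = ("c:\\documents and settings\\", "c:\\temp\\", "c:\\windows\\temp\\")

O2_RE = re.compile(r"^O2 - BHO: (?P<name>.*?) - \{(?P<clsid>[0-9A-Fa-f-]+)\} - (?P<path>.*)$")
R_RE = re.compile(r"^R[01] - [^,]+,(?P<setting>[^=]+?) = (?P<url>\S+)$")
O4_RUN_RE = re.compile(r"^O4 - (?P<hive>\S+?)\\\.\.\\Run(?:Once)?: \[(?P<name>[^\]]+)\] (?P<cmd>.*)$")
O4_LNK_RE = re.compile(r"^O4 - (?:Global )?Startup: (?P<name>.*?) = (?P<cmd>.*)$")
# First executable-looking token of a Run value; tolerates unquoted paths with spaces.
EXE_RE = re.compile(r'^"?(?P<exe>.*?\.(?:exe|dll|com|scr|bat|cmd|pif))\b"?', re.IGNORECASE)

# Constructed sample: real lines from the log above plus one made-up O4 entry.
SAMPLE_LOG = [
    r"R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/english",
    r"R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896",
    r"O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll",
    r"O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)",
    r"O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE",
    r"O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe",
    r"O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe",
    # Made up for this example; not an entry from the thread's logs.
    r"O4 - HKCU\..\Run: [updater] C:\Documents and Settings\user\Local Settings\Temp\updater.exe",
]


def _path_of(cmd):
    """Executable part of a Run value: quotes stripped, arguments dropped."""
    m = EXE_RE.match(cmd.strip())
    return m["exe"] if m else cmd.strip()


def triage(lines):
    """Return (severity, reason, line) for every line that needs attention."""
    findings = []
    for line in lines:
        line = line.strip()
        if (m := O2_RE.match(line)):
            if m["path"].strip() == "(no file)":
                findings.append(("fix", "BHO registered but its DLL is gone", line))
        elif (m := R_RE.match(line)):
            host = (urlparse(m["url"]).hostname or "").lower()
            if host not in MS_DEFAULT_HOSTS:
                findings.append(("review", f"{m['setting'].strip()} points at {host}", line))
        elif (m := O4_RUN_RE.match(line) or O4_LNK_RE.match(line)):
            exe = _path_of(m["cmd"])
            if "\\" not in exe:
                findings.append(("review", f"bare filename {exe!r} resolved via search path", line))
            elif exe.lower().startswith(USER_WRITABLE):
                findings.append(("review", "autostart runs from a user-writable location", line))
    return findings


def fix_list(findings):
    """Lines to tick before pressing Fix checked."""
    return [line for sev, _, line in findings if sev == "fix"]


if __name__ == "__main__":
    for sev, reason, line in triage(SAMPLE_LOG):
        print(f"[{sev}] {reason}\n    {line}")
```

Only the "(no file)" rule produces a fix verdict; the others produce review items, because a non-Microsoft start page or a bare filename in a Run value is also what plenty of legitimate software looks like (the RTHDCPL.EXE entry above is the Realtek audio panel). Feed a real log in with `triage(open(path).read().splitlines())`.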
Thanks for the instructions. I did get everything removed that you listed, but the internet is still incredibly slow. Sometimes it can take almost a minute for a simple page to open. It has really been going on for two or three weeks now. Before that, everything opened basically the moment you clicked a link. Here is a new HJT log, in case something strange still shows up in it.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:50:45, on 9.9.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 5657 bytes
1. Download combofix.exe to your desktop from one of these links: combofix1 combofix2
2. Double-click the combofix.exe file and follow the prompts.
3. When the tool is done, it produces a log. Post this log in your thread.
Note! Do not click in the ComboFix window while it is running. That can cause the program to hang.
=============
Download Malwarebytes' Anti-Malware to your desktop.
1. Double-click mbam-setup.exe and follow the prompts to install the program.
2. At the end, make sure the following are selected: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
3. If an update is found, the program downloads and installs the newest version.
4. Once the program has loaded, select Perform full scan and click Scan.
5. When the scan is finished, click OK and then Show Results to see the results.
6. Make sure everything is checked and click Remove Selected.
7. After that, the log opens in Notepad. Save it somewhere you can find it easily. The log is also found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
8. Post the contents of the log in your next message.
================
Download SDFix by AndyManchesta and save it to your desktop.
Restart your computer into Safe Mode: shut down, and as it starts up tap the F8 key; select Safe Mode with the arrow keys; press Enter and then Enter again; select your user account; press Yes. On some machines you tap F5 instead of F8.
- Once in Safe Mode, extract the contents of SDFix.zip (the SDFix folder) to your desktop. A folder named SDFix should appear on the desktop.
- Open the SDFix folder and double-click RunThis.bat to start the program.
- Press Y to start the script.
- The tool cleans out the trojan's services and also makes some repairs to the registry. At the end it asks you to restart the computer, "Press any key to Reboot".
- Press any key and the computer restarts.
- Startup takes longer than usual because SDFix is cleaning the machine.
- When the computer has started and the desktop has loaded, SDFix reports that the cleanup is complete, "Finished".
- Then press any key to close the script and load the desktop icons.
- Finally, open the SDFix folder (on the desktop) and copy & paste the contents of Report.txt into your thread together with a new HijackThis log.
So all the checks are done now. Here are all the logs.

ComboFix 08-09-05.12 - Jani Kriikkula 2008-09-10 0:52:12.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.451 [GMT 3:00]
Running from: C:\Documents and Settings\Jani Kriikkula\Desktop\ComboFix.exe
 * Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((( Files Created from 2008-08-09 to 2008-09-09 )))))))))))))))))))))))))))))))
.

2008-09-08 18:48 . 2008-09-08 18:48 <DIR> d-------- C:\Program Files\Trend Micro
2008-09-08 17:52 . 2008-09-08 18:48 <DIR> d-------- C:\HiJack
2008-09-07 18:57 . 2008-09-07 18:57 <DIR> d-------- C:\Program Files\Alwil Software
2008-08-19 09:44 . 2008-08-19 09:44 <DIR> d-------- C:\WINDOWS\system32\scripting
2008-08-19 09:44 . 2008-08-19 09:44 <DIR> d-------- C:\WINDOWS\system32\en
2008-08-19 09:44 . 2008-08-19 09:44 <DIR> d-------- C:\WINDOWS\system32\bits
2008-08-19 09:44 . 2008-08-19 09:44 <DIR> d-------- C:\WINDOWS\l2schemas
2008-08-19 09:37 . 2008-08-19 09:46 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2008-08-19 09:14 . 2008-04-14 03:12 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll
2008-08-19 09:13 . 2008-04-14 03:11 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll
2008-08-13 23:00 . 2008-04-11 22:04 691,712 --------- C:\WINDOWS\system32\dllcache\inetcomm.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-09 04:47 --------- d-----w C:\Documents and Settings\Jani Kriikkula\Application Data\Skype
2008-09-08 21:01 --------- d-----w C:\Documents and Settings\Jani Kriikkula\Application Data\skypePM
2008-09-08 19:11 --------- d-----w C:\Documents and Settings\Jani Kriikkula\Application Data\OpenOffice.org2
2008-09-08 15:38 --------- d-----w C:\Program Files\AdVantage
2008-09-07 20:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-07 20:19 --------- d-----w C:\Program Files\No-IP
2008-09-02 07:16 --------- d-----w C:\Documents and Settings\Jani Kriikkula\Application Data\DNA
2008-09-01 14:22 --------- d-----w C:\Program Files\DNA
2008-08-25 08:47 --------- d-----w C:\Program Files\Opera
2008-08-19 07:29 --------- d-----w C:\Program Files\MSN Messenger
2008-08-19 06:19 --------- d-----w C:\Program Files\Java
2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 19:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 19:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 19:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 19:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 19:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 19:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 19:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 19:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-09 17:12 --------- d-----w C:\Program Files\QuickTime
2008-07-09 17:08 --------- d-----w C:\Program Files\Apple Software Update
2008-07-07 20:26 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:26 253,952 ------w C:\WINDOWS\system32\dllcache\es.dll
2008-06-26 08:15 619,520 ------w C:\WINDOWS\system32\dllcache\urlmon.dll
2008-06-26 08:15 1,499,136 ------w C:\WINDOWS\system32\dllcache\shdocvw.dll
2008-06-24 16:43 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:43 74,240 ------w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-23 15:09 666,112 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-23 15:09 666,112 ------w C:\WINDOWS\system32\dllcache\wininet.dll
2008-06-23 15:09 3,067,392 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-20 17:46 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:46 245,248 ------w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:46 147,968 ------w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 11:51 361,600 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 11:40 138,496 ------w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 11:08 225,856 ------w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-13 11:05 272,128 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-04-07 09:11 3,296 ----a-w C:\Documents and Settings\Jani Kriikkula\Application Data\wklnhst.dat
2008-01-31 19:37 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-07-30 07:10 5,548 ----a-w C:\Documents and Settings\Jani Kriikkula\kehqoy.exe
2006-09-13 09:22 5,274,817 ----a-r C:\Program Files\nhl2007.exe
2002-07-02 23:36 637,440 ----a-w C:\Program Files\War3.exe

.
((((((((((((((((((((((((((((( snapshot@2008-09-08_17.34.17.46 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-09-09 20:34:35 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_5e4.dat

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 64512]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 7630848]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-07-19 78008]
"AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-02 C:\WINDOWS\arpwrmsg.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-10-30 C:\WINDOWS\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-14 15360]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2007-12-17 110592]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]
HP Photosmart Premier -pikakäynnistys.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2006-02-10 73728]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.yv12"= yv12vfw.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\ldc++\\LDCPlusPlus.exe"=
"C:\\StubInstaller.exe"=
"C:\\Uusi kansio\\adxv4\\Warplanet Lobby.EXE"=
"C:\\Uusi kansio\\adxv4\\UPDATE.EXE"=
"C:\\Uusi kansio\\adxv4\\public Lobby.EXE"=
"C:\\Program Files\\NovaLogic\\adxv4\\public Lobby.EXE"=
"C:\\Program Files\\NovaLogic\\adxv4\\Warplanet Lobby.EXE"=
"C:\\Temp\\Ldc++\\LDC++ 1.00 v2a-bin\\LDCPlusPlus.exe"=
"C:\\Program Files\\dc++\\DCPlusPlus.exe"=
"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\javaw.exe"=
"C:\\Program Files\\BitTorrent_DNA\\dna.exe"=
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\DNA\\btdna.exe"=
"C:\\Program Files\\mIRC\\mirc.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1412:TCP"= 1412:TCP:joo
"412:TCP"= 412:TCP:k
"1412:UDP"= 1412:UDP:l
"412:UDP"= 412:UDP:h
"3389:TCP"= 3389:TCPxpsp2res.dll,-22009
"1723:TCP"= 1723:TCPxpsp2res.dll,-22015
"1701:UDP"= 1701:UDPxpsp2res.dll,-22016
"500:UDP"= 500:UDPxpsp2res.dll,-22017

R0 xmasbus;xmasbus;C:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 140800]
R0 xmasscsi;xmasscsi;C:\WINDOWS\system32\Drivers\xmasscsi.sys [2003-12-20 5504]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 HCW88AUD;Hauppauge WinTV 88x Audio Capture;C:\WINDOWS\system32\drivers\hcw88aud.sys [2006-06-16 11970]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R3 HCW88BDA;Hauppauge WinTV 88x DVB Tuner/Demod;C:\WINDOWS\system32\drivers\hcw88bda.sys [2006-06-16 207424]
R3 HCW88TSE;Hauppauge WinTV 88x MPEG/TS Capture;C:\WINDOWS\system32\drivers\hcw88tse.sys [2006-06-16 299843]
R3 HCW88TUNE;Hauppauge WinTV 88x Tuner;C:\WINDOWS\system32\drivers\hcw88tun.sys [2006-06-16 148545]
R3 hcw88vid;Hauppauge WinTV 88x Video;C:\WINDOWS\system32\drivers\hcw88vid.sys [2006-06-16 497216]
R3 HCW88XBAR;Hauppauge WinTV 88x Crossbar;C:\WINDOWS\system32\drivers\HCW88BAR.sys [2006-06-16 23104]
R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 7040]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2006-09-05 217600]
S3 VNic;ULan Network Driver Module;C:\WINDOWS\system32\DRIVERS\VNic.sys [2003-06-03 57516]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\Shell\AutoRun\command - L:\LaunchU3.exe -a

.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.fi/
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-10 00:53:50
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-09-10 0:54:58 ComboFix-quarantined-files.txt 2008-09-09 21:54:46 ComboFix2.txt 2008-09-08 14:34:44 Pre-Run: 89,966,882,816 bytes free Post-Run: 89,953,148,928 tavua vapaana 187 --- E O F --- 2008-08-20 06:17:16 ------------------------------------------------ Malwarebytes' Anti-Malware 1.27 Tietokantaversio: 1133 Windows 5.1.2600 Service Pack 3 10.9.2008 8:36:19 mbam-log-2008-09-10 (08-36-19).txt Tarkistustyyppi: Täysi tarkistus (C:\|) Tarkistetut kohteet: 149835 Kulunut aika: 42 minute(s), 36 second(s) Saastuneita muistiprosesseja: 0 Saastuneita muistimoduuleja: 0 Saastuneita rekisteriavaimia: 0 Saastuneita rekisteriarvoja: 0 Saastuneita rekisterikohteita: 0 Saastuneita hakemistoja: 9 Saastuneita tiedostoja: 259 Saastuneita muistiprosesseja: (Haitallisia kohteita ei löydetty) Saastuneita muistimoduuleja: (Haitallisia kohteita ei löydetty) Saastuneita rekisteriavaimia: (Haitallisia kohteita ei löydetty) Saastuneita rekisteriarvoja: (Haitallisia kohteita ei löydetty) Saastuneita rekisterikohteita: (Haitallisia kohteita ei löydetty) Saastuneita hakemistoja: C:\Casino (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\data (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\history (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\history\2078061 (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\logs (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\promo (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\sfx (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\xrs (Adware.Casino) -> Quarantined and deleted successfully. 
Saastuneita tiedostoja: C:\Casino\PAF Diamond Poker\blackjack.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\browser.exe (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\cacerts.crt (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\cam.cas (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\cardlib.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\common.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\countries.lst (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\creditdebit.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\db.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\devlib.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\devlibcomm.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\filemap.lst (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\fivecard.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\games.xrs (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\gsid.txt (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\id.xrs (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\INSTALL.LOG (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\languages.xrs (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\libeay32.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\licens.txt (Adware.Casino) -> Quarantined and deleted successfully. 
C:\Casino\PAF Diamond Poker\mfc80.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\microsoft.vc80.crt.manifest (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\microsoft.vc80.mfc.manifest (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\modstatus.lst (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\mp3dec.asi (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\mss32.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\msvcp80.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\msvcr80.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\navigator.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\omaha.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\options.cfg (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\poker.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\poker.exe (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\sc.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\srvmap.lst (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\ssleay32.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\texas.dll (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\UNWISE.EXE (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\update.exe (Adware.Casino) -> Quarantined and deleted successfully. C:\Casino\PAF Diamond Poker\xml.dll (Adware.Casino) -> Quarantined and deleted successfully. 
C:\Casino\PAF Diamond Poker\data\0.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\1.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\15.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\16.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\17.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\18.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\19.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\2.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\20.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\21.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\22.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\23.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\24.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\25.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\26.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\28.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\29.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\3.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\30.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\31.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\32.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\33.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\34.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\35.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\36.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\37.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\38.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\39.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\4.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\40.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\41.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\42.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\43.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\44.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\45.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\47.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\48.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\49.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\5.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\50.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\51.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\6.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\7.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\8.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\9.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\allin_popup.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\archive.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\archive_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\avatar.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\b.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\base.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\bj_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\bkg.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_close.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_filters_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_filters_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_game.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_general.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_join.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_main.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_minmax.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_sublevels_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_sublevels_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\caret.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\chatbubble.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\chips.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\decktype_settings.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\game_bjframe.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\game_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_game_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_game_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_game_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_left.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_moretables.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_texts.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cardback.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cards.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cards_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cards_large.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cards_large_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_deckside.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_font_11p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_makechoice.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_pucks.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\pol_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\popups.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_actions.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_active.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_inactive.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_mute.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_note.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_numbers.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\progress_ani.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\rus_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\sc_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tabs_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tabs_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tabs_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\text.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\timeslider.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tur_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tx_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tx_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\user.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\user_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\white_line.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\win_graphics.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\xml.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\xml_decoder.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\archive.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\history_0805.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session153472514.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session153477952.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session153510819.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session153791178.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session154051090.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session154052999.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session154055744.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session154059719.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session154139866.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\session154142494.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\2078061\stats_GAME_THM.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\promo\club-paf-freeroll_fi.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\c_button.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\c_chip.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\c_deal.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\p_alert.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\p_checkknock.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\blackjack_game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\blackjack_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_clientspecific.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_game.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_general.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\fcs_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\fc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\fc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\filemap.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\filerefs.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\gameclient.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\game_common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\game_common_message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\gizmo.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\mtt_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\mtt_lobby.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\omaha_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\omaha_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\optdef.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\poker_limits.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\sc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\sc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\soko_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\tel_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\texas_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\texas_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\tournament_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\info.cmd (Trojan.Agent) -> Quarantined and deleted successfully.
C:\WINDOWS\image041.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\image080.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_13.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_16.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_4.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
C:\WINDOWS\photos2007_64.zip (Backdoor.Bot) -> Quarantined and deleted successfully.
------------------------------------------------------------

SDFix: Version 1.223
Run by Jani Kriikkula on ke 10.09.2008 at 08:45

Microsoft Windows XP [versio 5.1.2600]
Running From: C:\Documents and Settings\Jani Kriikkula\Desktop\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

Trojan Files Found:

C:\WINDOWS\album2.zip - Deleted
C:\WINDOWS\album23.zip - Deleted
C:\WINDOWS\album26.zip - Deleted
C:\WINDOWS\album47.zip - Deleted
C:\WINDOWS\album77.zip - Deleted

Folder C:\Documents and Settings\Jani Kriikkula\Application Data\Macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#w*w.redtube.com - Removed

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-10 08:50:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:5167af50
"s2"=dword:3265d503
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:e8,f6,6b,ce,9f,68,e9,12,19,57,83,c1,37,e3,7e,66,b6,ec,7c,1e,c4,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:e8,f6,6b,ce,9f,68,e9,12,19,57,83,c1,37,e3,7e,66,b6,ec,7c,1e,c4,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
"h0"=dword:00000000
"ujdew"=hex:e8,f6,6b,ce,9f,68,e9,12,19,57,83,c1,37,e3,7e,66,b6,ec,7c,1e,c4,..

scanning hidden registry entries ...

scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\ldc++\\LDCPlusPlus.exe"="C:\\ldc++\\LDCPlusPlus.exe:*:Enabled:LDC++"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Uusi kansio\\adxv4\\Warplanet Lobby.EXE"="C:\\Uusi kansio\\adxv4\\Warplanet Lobby.EXE:*:Enabled:Warplanet Lobby"
"C:\\Uusi kansio\\adxv4\\UPDATE.EXE"="C:\\Uusi kansio\\adxv4\\UPDATE.EXE:*:Enabled:UPDATE"
"C:\\Uusi kansio\\adxv4\\public Lobby.EXE"="C:\\Uusi kansio\\adxv4\\public Lobby.EXE:*:Enabled:Public Lobby"
"C:\\Program Files\\NovaLogic\\adxv4\\public Lobby.EXE"="C:\\Program Files\\NovaLogic\\adxv4\\public Lobby.EXE:*:Enabled:Public Lobby"
"C:\\Program Files\\NovaLogic\\adxv4\\Warplanet Lobby.EXE"="C:\\Program Files\\NovaLogic\\adxv4\\Warplanet Lobby.EXE:*:Enabled:Warplanet Lobby"
"C:\\Temp\\Ldc++\\LDC++ 1.00 v2a-bin\\LDCPlusPlus.exe"="C:\\Temp\\Ldc++\\LDC++ 1.00 v2a-bin\\LDCPlusPlus.exe:*:Enabled:LDC++"
"C:\\Program Files\\dc++\\DCPlusPlus.exe"="C:\\Program Files\\dc++\\DCPlusPlus.exe:*:Enabled:DC++"
"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\javaw.exe"="C:\\Program Files\\Java\\jre1.5.0_11\\bin\\javaw.exe:*:Enabled:Java(TM) 2 Platform Standard Edition binary"
"C:\\Program Files\\BitTorrent_DNA\\dna.exe"="C:\\Program Files\\BitTorrent_DNA\\dna.exe:*:Enabled:BitTorrent DNA"
"C:\\Program Files\\Warcraft III\\Warcraft III.exe"="C:\\Program Files\\Warcraft III\\Warcraft III.exe:*:Enabled:Warcraft III"
"C:\\WINDOWS\\system32\\dpvsetup.exe"="C:\\WINDOWS\\system32\\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
"C:\\Program Files\\mIRC\\mirc.exe"="C:\\Program Files\\mIRC\\mirc.exe:*:Enabled:mIRC"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

Remaining Files :

File Backups: - C:\DOCUME~1\JANIKR~1\Desktop\SDFix\backups\backups.zip

Files with Hidden Attributes :

Wed 4 Apr 2001 28,738 ...HR --- "C:\Office\MSDE2000\SQLRESLD.DLL"
Sun 18 Feb 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 4 Apr 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Wed 10 Sep 2008 84 A..H. --- "C:\Program Files\Common Files\X10\Common\x10prod.sys"
Thu 7 Dec 2006 3,096,576 A..H. --- "C:\Documents and Settings\Jani Kriikkula\Application Data\U3\temp\Launchpad Removal.exe"
Wed 10 Sep 2008 5,686 A.SH. --- "C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE1.tmp"
Wed 10 Sep 2008 5,940 A.SH. --- "C:\Documents and Settings\All Users\Documents\Recorded TV\TempRec\TempSBE\SBE2.tmp"

Finished!

-----------------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:05:32, on 10.9.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! 
Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 5589 bytes
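A small parser and triage helper for the HijackThis report format quoted above, added here as an example; it is not part of the thread or of HijackThis itself. The sample lines are constructed (the "(no name)" BHO's CLSID and the Temp-directory autorun are invented), and the two checks and the before/after comparison are this editor's own heuristics, not rules from the tool.

```python
import re
from dataclasses import dataclass

# Constructed sample in HijackThis v2.0.2 line format, not the thread's own log: the
# (no name) BHO with a made-up CLSID and the "updater" autorun in Temp are invented.
SCAN_BEFORE = """\
Logfile of Trend Micro HijackThis v2.0.2
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://www.google.fi/
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.6.0_07\\bin\\ssv.dll
O2 - BHO: (no name) - {DEADBEEF-0000-4000-8000-000000000001} - (no file)
O4 - HKLM\\..\\Run: [avast!] C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
O4 - HKCU\\..\\Run: [updater] C:\\DOCUME~1\\USER\\LOCALS~1\\Temp\\update.exe
"""
# Second (constructed) scan after cleanup: the two suspicious lines are gone.
SCAN_AFTER = "\n".join(l for l in SCAN_BEFORE.splitlines()
                       if "(no file)" not in l and "[updater]" not in l)
ENTRY = re.compile(r"^(?P<kind>R\d|O\d{1,2}) - (?P<body>.+)$")
# A drive-letter path up to its binary extension (",NvStartup" or " (User ...)" after
# it is dropped), or the literal "(no file)" HijackThis prints for orphaned entries.
PATH = re.compile(r"(\(no file\)|[A-Za-z]:\\.+?\.(?:exe|dll|sys|cpl))(?=[\s,]|$)", re.I)
TEMP_DIRS = ("\\temp\\", "\\temporary internet files\\")

@dataclass(frozen=True)
class Entry:
    kind: str   # R0, O2, O4, O23, ...
    body: str   # everything after "Ox - "
    path: str   # extracted file path, "(no file)", or "" when none is present

def parse_hjt(text: str) -> list[Entry]:
    """Parse report lines; the header, process list and footer do not match ENTRY."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            kind, body = m.group("kind"), m.group("body")
            p = PATH.search(body) if kind.startswith("O") else None
            entries.append(Entry(kind, body, p.group(1) if p else ""))
    return entries

def triage(entries: list[Entry]) -> list[tuple[str, str, str]]:
    """Two defender-side checks usually applied first when reading such a log."""
    findings = []
    for e in entries:
        if e.kind in ("O2", "O9", "O18") and e.path == "(no file)":
            findings.append((e.kind, "orphaned registry entry, target file is gone", e.body))
        elif e.kind == "O4" and any(d in e.path.lower() for d in TEMP_DIRS):
            findings.append((e.kind, "autorun launches from a temporary directory", e.body))
    return findings

def diff_scans(before: str, after: str) -> tuple[set[str], set[str]]:
    """Entries removed by the cleanup and entries that newly appeared."""
    old, new = {e.body for e in parse_hjt(before)}, {e.body for e in parse_hjt(after)}
    return old - new, new - old
```

Comparing the scan posted before a cleanup with the one posted after it (as the two logs in this thread invite) shows exactly which entries a fix removed and whether anything new appeared.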
Download OTMoveIt and save it to your desktop. Double-click OTMoveIt.exe. Click CleanUp!. Choose Yes when asked "Begin cleanup Process?". If you are asked whether the computer may be restarted, choose Yes. OTMoveIt removes itself when it is done; if that does not happen, delete it yourself. NOTE: If your firewall or some other security program warns that OTMoveIt is trying to access the internet, let it through.

===============

Download CCleaner v2.05.555 - Standard Build from here, and DO NOT install the Yahoo toolbar! During installation untick the "Install Yahoo! toolbar" box. After installation, open CCleaner. Choose Options from the column on the left. Choose Settings from the column next to it. Under Language choose Suomi (Finnish).

Cleaner (Puhdistaja)
Choose Cleaner (Puhdistaja) from the column on the left. Press Analyze (Tutki) at the bottom. CCleaner now examines what can be removed (temp files, cookies, etc.). When the analysis is finished, press Run CCleaner (Aja CCleaner). CCleaner now removes the temp files, cookies etc. it found.

Fixing registry errors
Choose Registry (Rekisteri) from the column on the left. Press Scan for Issues (Etsi rekisterin virheitä) at the bottom. When the scan is finished and you are sure you want to fix the rows that are ticked, press Fix selected issues (Korjaa valitut rekisterin virheet). You will be asked "Do you want to back up changes to the registry?"; press Yes. Save the backup in, for example, the "My Documents" folder. In the new window that opens, click Fix All Selected Issues (Korjaa kaikki valitut virheet). You get one more confirmation prompt; press OK. When the errors have been fixed, press Close. You can now close CCleaner by pressing the red X at the top right.

==========

How is the computer running now?
The computer itself now runs noticeably faster. The internet still isn't what you'd expect from an 8 Mbit connection, but I think I've found the cause of that too. The downstairs neighbour uses the same connection, and I went over to have a look at their computer as well. The spyware scanner found nearly two thousand infections there. The antivirus updates are close to a year old, too. There are all kinds of strange applications downloaded onto that machine, so the easiest route would probably be to wipe the whole computer and reinstall the operating system from scratch. My own computer really does work very well now, so a big thank you to you!