netti välillä kaatuilee ja jää kone ihan jumiin

mago1 · Feb 4, 2006

Joo ajattelin kysäistä täältä, et osaisko joku neuvoa, ku netti välillä kaatuilee ja jää kone ihan jumiin. On f-secure käytössä ja sillä ku tarkistin koneen ni ei löydy viruksia, mut oli tosi monta tiedostoa mitä ei pystyny avaa. Scannasin tolla ewidolla tän, ni se kyl löysi jotain ja poisti ne, mut ei siltikään auta.

spertti · Feb 4, 2006

Voisi olla vaikkapa osoite kaapattu.

Laita HjT-loki, ohjelman saat täältä -> http://koti.mbnet.fi/pattaya1/lataus/hijackthis_self.exe . Asenna hakemistoon c:\hjt, käynnistä, klikkaa do a system scan and save a logfile ja lähetä loki tänne.

mago1 · Feb 4, 2006

Logfile of HijackThis v1.99.1
Scan saved at 17:40:19, on 4.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\PROGRA~1\ELISAT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Marko Sillanpaa\My Documents\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://elisa.net/paketti/haku.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://elisa.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: C:\WINDOWS\system32\miamore32.dll - {1559C6FD-8BDE-476E-98C7-871E59193FCE} - C:\WINDOWS\system32\miamore32.dll (file missing)
O2 - BHO: C:\WINDOWS\system32\atmpvc.dll - {7DBA5E61-9C51-4365-ACD2-DE684E133F8C} - C:\WINDOWS\system32\atmpvc.dll (file missing)
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Microsoft Update] wuamgrd.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [websx] C:\Program Files\websx\int164706.exe -auto
O4 - HKLM\..\Run: [90ae34.exe] 90ae34.exe
O4 - HKLM\..\Run: [bundleouter3401040401.exe] bundleouter3401040401.exe
O4 - HKLM\..\Run: [istinstall_zazzer.exe] istinstall_zazzer.exe
O4 - HKLM\..\Run: [vnmispoisn_downloader.exe] vnmispoisn_downloader.exe
O4 - HKLM\..\Run: [searchbar] C:\WINDOWS\System32\vnmispoisn_downloader.exe
O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuamgrd.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1012.dll,InstantAccess
O4 - HKCU\..\Run: [Steam] C:\Program Files\Valve\Steam\\Steam.exe -silent
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Prince of Persia Warrior Within\Support\Register\RegistrationReminder.exe
O4 - Startup: Registration Brothers In Arms.LNK = F:\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra button: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp

(file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Options - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Palvelut - {1CF1800E-E7BE-4E27-8943-678602A57BA4} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {29919F02-51AF-4695-A68F-DA4CD84113C4} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Tuki - {67E033B6-DF58-46C9-B303-71CD3FB41208} - http://tuki.elisa.net/ (file missing) (HKCU)
O9 - Extra button: Support - {92CDBC49-D573-4613-B7D0-ADAA570711D0} - http://tuki.elisa.net/ (file missing) (HKCU)
O9 - Extra button: Service - {9DCF7CA8-0E0D-4E46-B437-15E0719F1515} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS - {AFB2911A-F09C-4F23-AB6F-FDCB7DC10E4E} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {14325268-79E0-4D2A-89A4-FFFC6E22741E} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_3_EN_XP.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -

http://a1540.g.akamai.net/7/1540/52....apple.com/saba/us/win/QuickTimeInstaller.exe
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_4_EN_XP.cab
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O20 - Winlogon Notify: eventss - C:\WINDOWS\system32\atmpvc.dll (file missing)
O20 - Winlogon Notify: lindow - C:\WINDOWS\system32\miamore32.dll (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. -

C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa

Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Windows Update Service (wuamgrd) - Unknown owner - C:\WINDOWS\System32\wuamgrd.exe (file missing)

spertti · Feb 4, 2006

Jepjep... Vai että "pientä" hidastelua. kone on ainakin ihan täynnä örkkejä...

Ihan ensin siirä HjT omaan kansioonsa. Esim C:\HjT\HijackThis.exe

Poista ohjaupaneelin kautta ( lisää/poista sovelluksia )
Websx
AltNet
Spyware Stormer

Fixaa Nämä HjT:lla

R3 - URLSearchHook: (no name) - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: C:\WINDOWS\system32\miamore32.dll - {1559C6FD-8BDE-476E-98C7-871E59193FCE} - C:\WINDOWS\system32\miamore32.dll (file missing)
O2 - BHO: C:\WINDOWS\system32\atmpvc.dll - {7DBA5E61-9C51-4365-ACD2-DE684E133F8C} - C:\WINDOWS\system32\atmpvc.dll (file missing)
O4 - HKLM\..\Run: [websx] C:\Program Files\websx\int164706.exe -auto
O4 - HKLM\..\Run: [90ae34.exe] 90ae34.exe
O4 - HKLM\..\Run: [bundleouter3401040401.exe] bundleouter3401040401.exe
O4 - HKLM\..\Run: [istinstall_zazzer.exe] istinstall_zazzer.exe
O4 - HKLM\..\Run: [vnmispoisn_downloader.exe] vnmispoisn_downloader.exe
O4 - HKLM\..\Run: [searchbar] C:\WINDOWS\System32\vnmispoisn_downloader.exe
O4 - HKLM\..\Run: [AltnetPointsManager] C:\Program Files\Altnet\Points Manager\Points Manager.exe -s
O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe
O4 - HKLM\..\RunServices: [Microsoft Update] wuamgrd.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1012.dll,InstantAccess
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\WINDOWS\system32\miamore32.dll (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Options - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\WINDOWS\system32\miamore32.dll (file missing)
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
O20 - Winlogon Notify: eventss - C:\WINDOWS\system32\atmpvc.dll (file missing)
O20 - Winlogon Notify: lindow - C:\WINDOWS\system32\miamore32.dll (file missing)
O23 - Service: Windows Update Service (wuamgrd) - Unknown owner - C:\WINDOWS\System32\wuamgrd.exe (file missing)

Hae eScan. Asenna ja päivitä, mutta älä tee vielä muuta
Päivitä myös Ewido

Käynnistä vikasietotilaan, ( F8 käynnistyksen yhteydessä ) ja poista nämä jos löytyy

C:\WINDOWS\System32\wuamgrd.exe
C:\WINDOWS\system32\miamore32.dll
C:\WINDOWS\system32\atmpvc.dll
C:\WINDOWS\System32\vnmispoisn_downloader.exe
C:\Program Files\Altnet <kansio
C:\Program Files\Spyware Stormer <kansio

Skannaa sekä Ewidolla, että eScanilla vikasietotilassa, ja tallenna raportti Ewidosta. eSanista kopioit ne alalaatikon löydöt ( ohjeet latauslinkissä ) ja tallennat vaikka notepadiin.

Käynnistä uudelleen, ja laita uusi HjT-loki + eScanin ja Ewidon löydökset

pkaksp · Feb 4, 2006

@mago1

Vaikkei kaikkea aina heti tajuakkaan, niin otsikkoon voisi silti yrittää panostaa enemmän. Muokkasin otsikkoa paremmaksi.

mago1 · Feb 5, 2006

Logfile of HijackThis v1.99.1
Scan saved at 12:34:36, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\PROGRA~1\ELISAT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\macromed\flash\GetFlash.exe
C:\hjt\hijack\HijackThis.exe
C:\WINDOWS\system32\drwtsn32.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://elisa.net/paketti/haku.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://elisa.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Prince of Persia Warrior Within\Support\Register\RegistrationReminder.exe
O4 - Startup: Registration Brothers In Arms.LNK = F:\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O9 - Extra button: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Palvelut - {1CF1800E-E7BE-4E27-8943-678602A57BA4} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {29919F02-51AF-4695-A68F-DA4CD84113C4} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Tuki - {67E033B6-DF58-46C9-B303-71CD3FB41208} - http://tuki.elisa.net/ (file missing) (HKCU)
O9 - Extra button: Support - {92CDBC49-D573-4613-B7D0-ADAA570711D0} - http://tuki.elisa.net/ (file missing) (HKCU)
O9 - Extra button: Service - {9DCF7CA8-0E0D-4E46-B437-15E0719F1515} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS - {AFB2911A-F09C-4F23-AB6F-FDCB7DC10E4E} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {14325268-79E0-4D2A-89A4-FFFC6E22741E} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_3_EN_XP.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52....apple.com/saba/us/win/QuickTimeInstaller.exe
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_4_EN_XP.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Windows Update Service (wuamgrd) - Unknown owner - C:\WINDOWS\System32\wuamgrd.exe (file missing)

File C:\WINDOWS\system32\bundleouter3401040401.exe tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
File C:\Documents and Settings\Jenni Saarela\Local Settings\Temp\GLB1.tmp tagged as not-a-virus:AdWare.Win32.VirtualBouncer. No Action Taken.
File C:\Documents and Settings\Jenni Saarela\Local Settings\Temp\GLB8.tmp tagged as not-a-virus:AdWare.Win32.VirtualBouncer. No Action Taken.
File C:\Documents and Settings\Marko Sillanpaa\Local Settings\Temp\GLB1.tmp tagged as not-a-virus:AdWare.Win32.VirtualBouncer. No Action Taken.
File C:\WINDOWS\system32\bundleouter3401040401.exe tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
File C:\WINDOWS\system32\bundleouter3401040401.exe tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
File C:\Documents and Settings\Jenni Saarela\Local Settings\Temp\GLB1.tmp tagged as not-a-virus:AdWare.Win32.VirtualBouncer. No Action Taken.
File C:\Documents and Settings\Jenni Saarela\Local Settings\Temp\GLB8.tmp tagged as not-a-virus:AdWare.Win32.VirtualBouncer. No Action Taken.
File C:\Documents and Settings\Marko Sillanpaa\Local Settings\Temp\GLB1.tmp tagged as not-a-virus:AdWare.Win32.VirtualBouncer. No Action Taken.
File C:\WINDOWS\system32\bundleouter3401040401.exe tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
vSun Feb 05 09:29:21 2006 => ---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 11:47:44, 5.2.2006
+ Report-Checksum: 78BBDF06

+ Scan result:

No infected objects found.

::Report End En löytäny noita poistettavia juttuju, muita ku ton spyware stormerin.

spertti · Feb 5, 2006

Laita piilotiedostot näkyviin, ohje ->
http://keskustelu.afterdawn.com/thread_view.cfm/248944

Käynnistä vikasietotilaan.

Poista nämä

C:\WINDOWS\system32\bundleouter3401040401.exe <----- Tämän filun poistat
C:\Documents and Settings\Jenni Saarela\Local Settings\Temp <--- Tyhjennä tämä Temp kansio. Älä kuitenkaan poista kansiota, vain sen sisältö.

Ja jos nämä jäivät vielä silloin aiemmin, niin kokeilepa etsiä ne nyt.
C:\WINDOWS\System32\wuamgrd.exe
C:\WINDOWS\system32\miamore32.dll
C:\WINDOWS\system32\atmpvc.dll
C:\WINDOWS\System32\vnmispoisn_downloader.exe
C:\Program Files\Altnet <kansio

Laita sen jälkeen uusi HjT-loki

mago1 · Feb 5, 2006

Joo en mä tiedä mikä on, mut ei vaan löydy noita tiedostoja. Laitoin noitten ohjeitten mukaan näkyviin noi piilotiedostot ja käynnistin tossa safe modessa. Yritin tolla windowsin searc jutullaki etsiä, mut ei. Ainut minkä löysin tuolta system32 kansiosta ni oli toi bundleouter.

spertti · Feb 5, 2006

No sitten kokeillaan killboxia > http://koti.mbnet.fi/pattaya1/pocket_killbox.htm

Pura,avaa ja täppi kohtaan Delete on Reboot
Sitte kopioi rivit tosta alapuolelta yhellä kertaa

C:\WINDOWS\system32\bundleouter3401040401.exe
C:\WINDOWS\System32\wuamgrd.exe
C:\WINDOWS\system32\miamore32.dll
C:\WINDOWS\system32\atmpvc.dll
C:\WINDOWS\System32\vnmispoisn_downloader.exe

Sitten KillBoxissa ylhäältä File > Paste from Clipboard
Valitse "All Files".Sen jälkeen paina Delete (punainen, jossa on valkonen X)
Vastaa myöntävästi kysymyksiin ja jos kone ei itestään käynnisty uudestaan,niin käynnistä se.

Lähetä sen jälkeen uus Hijack-logi.

mago1 · Feb 5, 2006

Logfile of HijackThis v1.99.1
Scan saved at 20:28:22, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\PROGRA~1\ELISAT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hjt\hijack\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://elisa.net/paketti/haku.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://elisa.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Startup: Registration .LNK = C:\Program Files\Ubisoft\Prince of Persia Warrior Within\Support\Register\RegistrationReminder.exe
O4 - Startup: Registration Brothers In Arms.LNK = F:\Support\Register\RegistrationReminder.exe
O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O9 - Extra button: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav Help - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Palvelut - {1CF1800E-E7BE-4E27-8943-678602A57BA4} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {29919F02-51AF-4695-A68F-DA4CD84113C4} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Tuki - {67E033B6-DF58-46C9-B303-71CD3FB41208} - http://tuki.elisa.net/ (file missing) (HKCU)
O9 - Extra button: Support - {92CDBC49-D573-4613-B7D0-ADAA570711D0} - http://tuki.elisa.net/ (file missing) (HKCU)
O9 - Extra button: Service - {9DCF7CA8-0E0D-4E46-B437-15E0719F1515} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS - {AFB2911A-F09C-4F23-AB6F-FDCB7DC10E4E} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) - http://www.drivershq.com/DD_v4.CAB
O16 - DPF: {14325268-79E0-4D2A-89A4-FFFC6E22741E} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_3_EN_XP.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52....apple.com/saba/us/win/QuickTimeInstaller.exe
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_4_EN_XP.cab
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Elisa Tietoturvapalvelu (BackWeb Client - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Windows Update Service (wuamgrd) - Unknown owner - C:\WINDOWS\System32\wuamgrd.exe (file missing)

spertti · Feb 5, 2006

Kaikki muu on hyvin, paitsi tuo yksi pahis service.

Sammutat sen näin:

Käynnistä > suorita > services.msc > etsi listalta "Windows Update Service", tuplaklikkaa sitä ja valitse seis, ja käynnistystavaksi ei käytössä. Muuten kaikki onkin jo hyvällä mallilla =) Onkos ongelmat vähentyneet/poistuneet?

mago1 · Feb 5, 2006

Jees. Kiitoksia vaan. Kyllä nyt ainakin tällä hetkellä tuntuu toimivan paremmin. Olihan tää kone näköjään melko takussa.

spertti · Feb 5, 2006

Olihan se juu =) Jos ei vielä ole, niin kannattaa ehdottomasti vaihtaa selain joksikin muuksi kuin Internet Explorer. Itselläni on Mozilla Firefox, ja siinä sekä adblock, että NoScript laajennukset. Örkit pysyvät jo näin pienellä vaivannäöllä hyvin pois koneelta.

Log in or Sign up

netti välillä kaatuilee ja jää kone ihan jumiin

mago1 Member

spertti Active member

mago1 Member

spertti Active member

pkaksp Moderator Staff Member

mago1 Member

spertti Active member

mago1 Member

spertti Active member

mago1 Member

spertti Active member

mago1 Member

spertti Active member

Share This Page

Log in or Sign up

netti välillä kaatuilee ja jää kone ihan jumiin

mago1 Member

spertti Active member

mago1 Member

spertti Active member

pkaksp Moderator Staff Member

mago1 Member

spertti Active member

mago1 Member

spertti Active member

mago1 Member

spertti Active member

mago1 Member

spertti Active member

Share This Page

Useful Searches