|
|
|
Keskustelualueet
Keskustelualueet
|
|
|
VBG ja HjT logit
|
|
|
potemon
Newbie
|
20. helmikuuta 2008 @ 13:47 |
Linkki tähän viestiin
|
[02/19/2008, 21:40:13] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" )
[02/19/2008, 21:40:17] - Detected System Information:
[02/19/2008, 21:40:17] - Windows Version: 5.1.2600, Service Pack 2
[02/19/2008, 21:40:17] - Current Username: Marko (Admin)
[02/19/2008, 21:40:17] - Windows is in NORMAL mode.
[02/19/2008, 21:40:17] - Searching for Browser Helper Objects:
[02/19/2008, 21:40:17] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja)
[02/19/2008, 21:40:17] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[02/19/2008, 21:40:17] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/19/2008, 21:40:17] - BHO 4: {7EB09E70-DCFE-4B1B-8BB3-62D2EC462A5D} ()
[02/19/2008, 21:40:17] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/19/2008, 21:40:17] - Checking for HKLM\...\Winlogon\Notify\ssqpp
[02/19/2008, 21:40:17] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing.
[02/19/2008, 21:40:17] - Finished Searching Browser Helper Objects
[02/19/2008, 21:40:17] - Finishing up...
[02/19/2008, 21:40:17] - Nothing found! Exiting...
[02/19/2008, 21:43:25] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" )
[02/19/2008, 21:43:33] - User choose NOT to continue. Exiting...
[02/19/2008, 21:45:24] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" )
[02/19/2008, 21:45:24] - Detected System Information:
[02/19/2008, 21:45:24] - Windows Version: 5.1.2600, Service Pack 2
[02/19/2008, 21:45:24] - Current Username: Marko (Admin)
[02/19/2008, 21:45:24] - Windows is in SAFE mode with Networking.
[02/19/2008, 21:45:24] - Searching for Browser Helper Objects:
[02/19/2008, 21:45:24] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja)
[02/19/2008, 21:45:24] - BHO 2: {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} ()
[02/19/2008, 21:45:24] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/19/2008, 21:45:24] - Checking for HKLM\...\Winlogon\Notify\rqrqpom
[02/19/2008, 21:45:24] - Found: HKLM\...\Winlogon\Notify\rqrqpom - This is probably Virtumundo.
[02/19/2008, 21:45:24] - Assigning {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} MSEvents Object
[02/19/2008, 21:45:24] - BHO list has been changed! Starting over...
[02/19/2008, 21:45:24] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja)
[02/19/2008, 21:45:24] - BHO 2: {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} (MSEvents Object)
[02/19/2008, 21:45:24] - ALERT: Found MSEvents Object!
[02/19/2008, 21:45:24] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[02/19/2008, 21:45:25] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/19/2008, 21:45:25] - BHO 5: {79536116-94D4-4983-BF50-835A2E4192FE} ()
[02/19/2008, 21:45:25] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/19/2008, 21:45:25] - Checking for HKLM\...\Winlogon\Notify\ssqpp
[02/19/2008, 21:45:25] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing.
[02/19/2008, 21:45:25] - Finished Searching Browser Helper Objects
[02/19/2008, 21:45:25] - *** Detected MSEvents Object
[02/19/2008, 21:45:25] - Trying to remove MSEvents Object...
[02/19/2008, 21:45:26] - Terminating Process: IEXPLORE.EXE
[02/19/2008, 21:45:26] - Terminating Process: RUNDLL32.EXE
[02/19/2008, 21:45:26] - Disabling Automatic Shell Restart
[02/19/2008, 21:45:26] - Terminating Process: EXPLORER.EXE
[02/19/2008, 21:45:26] - Suspending the NT Session Manager System Service
[02/19/2008, 21:45:26] - Terminating Windows NT Logon/Logoff Manager
[02/19/2008, 21:51:39] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" )
[02/19/2008, 21:51:41] - Detected System Information:
[02/19/2008, 21:51:41] - Windows Version: 5.1.2600, Service Pack 2
[02/19/2008, 21:51:41] - Current Username: Marko (Admin)
[02/19/2008, 21:51:41] - Windows is in NORMAL mode.
[02/19/2008, 21:51:41] - Searching for Browser Helper Objects:
[02/19/2008, 21:51:41] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja)
[02/19/2008, 21:51:41] - BHO 2: {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E} (MSEvents Object)
[02/19/2008, 21:51:41] - ALERT: Found MSEvents Object!
[02/19/2008, 21:51:41] - BHO 3: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[02/19/2008, 21:51:41] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/19/2008, 21:51:41] - BHO 5: {76C79A0A-7DA9-4A7F-8B3A-4A87E4831954} ()
[02/19/2008, 21:51:41] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/19/2008, 21:51:41] - Checking for HKLM\...\Winlogon\Notify\ssqpp
[02/19/2008, 21:51:41] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing.
[02/19/2008, 21:51:41] - Finished Searching Browser Helper Objects
[02/19/2008, 21:51:41] - *** Detected MSEvents Object
[02/19/2008, 21:51:41] - Trying to remove MSEvents Object...
[02/19/2008, 21:51:42] - Terminating Process: IEXPLORE.EXE
[02/19/2008, 21:51:42] - Terminating Process: RUNDLL32.EXE
[02/19/2008, 21:51:43] - Disabling Automatic Shell Restart
[02/19/2008, 21:51:43] - Terminating Process: EXPLORER.EXE
[02/19/2008, 21:51:43] - Suspending the NT Session Manager System Service
[02/19/2008, 21:51:43] - Terminating Windows NT Logon/Logoff Manager
[02/19/2008, 21:57:12] - Re-enabling Automatic Shell Restart
[02/19/2008, 21:57:12] - File to disable: C:\WINDOWS\system32\rqrqpom.dll
[02/19/2008, 21:57:12] - Renaming C:\WINDOWS\system32\rqrqpom.dll -> C:\WINDOWS\system32\rqrqpom.dll.vir
[02/19/2008, 21:57:13] - ! File rename was unsucessful.
[02/19/2008, 21:57:13] - Attempting to Deny Access to C:\WINDOWS\system32\rqrqpom.dll
[02/19/2008, 21:57:22] - *** IMPORTANT: Delete/Rename/Move on reboot (like Killbox) MAY NOT work.
[02/19/2008, 21:57:22] - ERROR: Ei kartoitusta tilinimien ja suojaustunnusten välillä.
[02/19/2008, 21:57:22] - *** IMPORTANT: The file is disabled and will need to be deleted by the user.
[02/19/2008, 21:57:22] - Removing HKLM\...\Browser Helper Objects\{0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E}
[02/19/2008, 21:57:22] - Removing HKCR\CLSID\{0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E}
[02/19/2008, 21:57:22] - Adding Kill Bit for ActiveX for GUID: {0E0A2AD5-1ADC-4EC3-90FC-0FB793C9259E}
[02/19/2008, 21:57:22] - Deleting ATLEvents/MSEvents Registry entries
[02/19/2008, 21:57:22] - Removing HKLM\...\Winlogon\Notify\rqrqpom
[02/19/2008, 21:57:22] - Searching for Browser Helper Objects:
[02/19/2008, 21:57:22] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja)
[02/19/2008, 21:57:22] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[02/19/2008, 21:57:22] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/19/2008, 21:57:22] - BHO 4: {76C79A0A-7DA9-4A7F-8B3A-4A87E4831954} ()
[02/19/2008, 21:57:22] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/19/2008, 21:57:22] - Checking for HKLM\...\Winlogon\Notify\ssqpp
[02/19/2008, 21:57:22] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing.
[02/19/2008, 21:57:22] - Finished Searching Browser Helper Objects
[02/19/2008, 21:57:22] - Finishing up...
[02/19/2008, 21:57:22] - A restart is needed.
[02/19/2008, 22:08:10] - Attempting to Restart via STOP error (Blue Screen!)
[02/20/2008, 12:37:52] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Marko\Työpöytä\VirtumundoBeGone.exe" )
[02/20/2008, 12:37:54] - Detected System Information:
[02/20/2008, 12:37:54] - Windows Version: 5.1.2600, Service Pack 2
[02/20/2008, 12:37:54] - Current Username: Marko (Admin)
[02/20/2008, 12:37:54] - Windows is in NORMAL mode.
[02/20/2008, 12:37:54] - Searching for Browser Helper Objects:
[02/20/2008, 12:37:54] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader -linkkiavustaja)
[02/20/2008, 12:37:54] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} (Spybot-S&D IE Protection)
[02/20/2008, 12:37:54] - BHO 3: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/20/2008, 12:37:54] - BHO 4: {7BF36460-1EBF-406B-921D-FD11FE06016D} ()
[02/20/2008, 12:37:54] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/20/2008, 12:37:54] - Checking for HKLM\...\Winlogon\Notify\ssqpp
[02/20/2008, 12:37:54] - Key not found: HKLM\...\Winlogon\Notify\ssqpp, continuing.
[02/20/2008, 12:37:54] - Finished Searching Browser Helper Objects
[02/20/2008, 12:37:54] - Finishing up...
[02/20/2008, 12:37:54] - Nothing found! Exiting...
ja HjT logi
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:05:27, on 20.2.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\progra~1\steam\steam.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE
C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\F-Secure Internet Security\FSAUA\program\fsus.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\explorer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {FFB23963-2807-45AF-BC73-DE608EB07F45} - C:\WINDOWS\system32\ssqpp.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure Internet Security\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKCU\..\Run: [Steam] "c:\progra~1\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
--
End of file - 5796 bytes
ja vielä SDfix tulokset
SDFix: Version 1.144
Run by Marko on ke 20.02.2008 at 13:26
Microsoft Windows XP [versio 5.1.2600]
Running From: C:\SDFix
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Checking Files:
No Trojan Files Found
Removing Temp Files...
ADS Check:
Final Check:
catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-20 13:32:27
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s0"=dword:234dd1c2
"s1"=dword:7c1fd574
"s2"=dword:545d88a7
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x90\x2022\x20ac|\xff\xff\xff\xff"\x2022\x20ac|\xfe\xbb\xd3w\2]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1
Remaining Services:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe:*:Enabled:Battlefield 2"
"C:\\Program Files\\uTorrent\\uTorrent.exe"="C:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
Remaining Files:
Files with Hidden Attributes:
Mon 28 Jan 2008 1,404,240 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 28 Jan 2008 5,146,448 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 28 Jan 2008 2,097,488 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Fri 5 Oct 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 9 Oct 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Finished!
näkyykö näissä mitään?
|
|
Hujo
Suspended permanently
|
21. helmikuuta 2008 @ 13:38 |
Linkki tähän viestiin
|
Voiko tietsikka koskaan toimia?
|
|
