Pomalé PC

Zpráva

petasmu · #16 Příspěvek od **petasmu** » 06 led 2012 22:58

ComboFix 12-01-06.01 - vasek 06.01.2012 22:47:36.1.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.1279.766 [GMT 1:00]
Spuštěný z: c:\documents and settings\vasek\Plocha\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 101019-1] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\~SETUP.T
c:\documents and settings\vasek\WINDOWS
c:\windows\EventSystem.log
c:\windows\IsUn0405.exe
c:\windows\IsUn0407.exe
c:\windows\iun6002.exe
c:\windows\pkunzip.pif
c:\windows\pkzip.pif
c:\windows\regopt.log
c:\windows\system32\TZLog.log
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-06 do 2012-01-06 )))))))))))))))))))))))))))))))
.
.
2025-01-01 19:20 . 2025-01-01 19:20 -------- d-----w- C:\_OTM
2025-01-01 19:03 . 2001-10-24 11:25 57856 -c--a-w- c:\windows\system32\dllcache\EXCH_scripto.dll
2025-01-01 19:02 . 2004-08-18 12:00 45109 -c--a-w- c:\windows\system32\dllcache\imjpuex.exe
2025-01-01 19:01 . 2004-08-18 12:00 330752 -c--a-w- c:\windows\system32\dllcache\aqueue.dll
2025-01-01 18:58 . 2004-08-18 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2025-01-01 18:58 . 2004-08-18 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2025-01-01 18:50 . 2001-08-17 19:13 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2025-01-01 18:45 . 2004-08-18 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2025-01-01 18:45 . 2004-08-18 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2025-01-01 18:45 . 2004-08-18 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2025-01-01 18:45 . 2004-08-18 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2025-01-01 17:55 . 2025-01-01 17:55 -------- d-----w- c:\program files\Smart Projects
2025-01-01 17:49 . 2025-01-01 17:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Yandex
2025-01-01 17:48 . 2025-01-01 17:49 -------- d-----w- c:\documents and settings\vasek\Data aplikací\Yandex
2025-01-01 17:48 . 2025-01-01 17:50 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2025-01-01 17:47 . 2025-01-01 17:49 -------- d-----w- c:\program files\DAEMON Tools Lite
2025-01-01 17:47 . 2025-01-01 17:51 -------- d-----w- c:\documents and settings\vasek\Data aplikací\DAEMON Tools Lite
2025-01-01 17:47 . 2025-01-01 17:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2025-01-01 17:37 . 2025-01-01 17:37 -------- d-----w- c:\program files\Vypalovač
2012-01-06 21:21 . 2012-01-06 21:21 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{674FC9E6-52DC-482B-B75C-7C8869BAE84B}\offreg.dll
2012-01-06 20:26 . 2012-01-06 20:26 -------- d-----w- c:\windows\system32\CatRoot_bak
2012-01-06 20:22 . 2010-02-24 12:31 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2012-01-06 20:19 . 2008-06-14 18:00 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2012-01-06 20:18 . 2010-02-16 19:34 2060544 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2012-01-06 20:18 . 2010-02-16 19:34 2018816 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2012-01-06 20:18 . 2010-02-16 19:34 2183552 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2012-01-06 20:18 . 2010-02-16 19:34 2139136 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2012-01-06 20:10 . 2012-01-06 20:10 -------- d-----w- c:\program files\7-Zip
2012-01-06 19:57 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-01-06 19:57 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-01-06 19:57 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-01-06 19:57 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-01-06 19:57 . 2012-01-06 19:57 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-01-06 19:57 . 2012-01-06 19:57 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-01-06 19:57 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-01-06 19:44 . 2012-01-06 19:44 -------- d-----w- c:\program files\Lavalys
2012-01-01 16:37 . 2012-01-01 16:37 -------- d-----w- c:\program files\Defraggler
2012-01-01 16:36 . 2011-11-21 10:47 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{674FC9E6-52DC-482B-B75C-7C8869BAE84B}\mpengine.dll
2011-12-22 16:07 . 2011-12-22 16:07 -------- d-----w- C:\NASA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-06 19:56 . 2007-03-29 07:17 163840 ----a-w- c:\windows\system32\S3Trayp.exe
2012-01-06 19:56 . 2007-03-29 07:17 53248 ----a-w- c:\windows\system32\VTTimer.exe
2012-01-06 19:56 . 2004-01-09 09:52 49152 ----a-w- c:\windows\system32\VTSetvga.exe
2012-01-06 19:56 . 2007-03-29 07:17 524288 ----a-w- c:\windows\system32\S3ovrlay.dll
2012-01-06 19:56 . 2007-03-29 07:17 327680 ----a-w- c:\windows\system32\S3Info2.dll
2012-01-06 19:56 . 2007-03-29 07:17 808448 ----a-w- c:\windows\system32\drivers\S3gIGPm.sys
2012-01-06 19:56 . 2007-03-29 07:17 739840 ----a-w- c:\windows\system32\S3gIGP.dll
2012-01-06 19:56 . 2007-03-29 07:17 6549504 ----a-w- c:\windows\system32\s3gIGPgl.dll
2012-01-06 19:56 . 2007-03-29 07:17 2465280 ----a-w- c:\windows\system32\s3gcil_inv.dll
2012-01-06 19:56 . 2007-03-29 07:17 638976 ----a-w- c:\windows\system32\S3Disply.dll
2012-01-06 19:56 . 2007-03-29 07:17 450560 ----a-w- c:\windows\system32\S3Gamma2.dll
2012-01-06 19:56 . 2007-03-29 07:17 380928 ----a-w- c:\windows\system32\S3Cfg3d.dll
2011-12-22 16:08 . 2007-08-13 15:50 805376 ----a-w- c:\windows\Nero Burning Rom Screensaver.scr
2011-11-21 10:47 . 2009-10-09 13:00 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2012-01-06 53248]
"S3Trayp"="S3trayp.exe" [2012-01-06 163840]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-07-10 155648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\Pexeso 2002\\Pexeso.dat"=
"c:\\Program Files\\EA SPORTS\\NHL07\\nhl2007.exe"=
.
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [9.10.2009 15:41 114768]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [1.1.2025 18:48 239168]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.10.2009 15:41 20560]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
S3 kbeepm;kbeepm;\??\c:\docume~1\vasek\LOCALS~1\Temp\kbeepm.sys --> c:\docume~1\vasek\LOCALS~1\Temp\kbeepm.sys [?]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.100.0.100 90.183.12.188
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -
.
WebBrowser-{91397D20-1446-11D4-8AF4-0040CA1127B6} - (no file)
AddRemove-3D Arctic Bear_is1 - c:\documents and settings\DANČA\Plocha\3D Arctic Bear\unins000.exe
AddRemove-Amazing Landscapes 2.1_is1 - c:\documents and settings\DANČA\Plocha\Amazing Landscapes 2.1\unins000.exe
AddRemove-KB923789 - c:\windows\system32\MacroMed\Flash\genuinst.exe
AddRemove-Lidské tělo 2.0 - c:\windows\IsUn0405.exe
AddRemove-Moorhuhnjagd - c:\windows\IsUn0407.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-06 22:52
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-967640650-3354510997-3455805987-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
Celkový čas: 2012-01-06 22:54:47
ComboFix-quarantined-files.txt 2012-01-06 21:54
.
Před spuštěním: Volných bajtů: 34 927 742 976
Po spuštění: Volných bajtů: 34 876 661 760
.
WindowsXP-KB310994-SP2-Home-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Home Edition" /noexecute=optin /fastdetect /usepmtimer
.
- - End Of File - - 7D49449D9FCB189FCD4DD069434CAC23

#17 Příspěvek od **Rudy** » 06 led 2012 23:04

Ještě dočistíme. Otevřte poznámkový blok a zkopírujte do něj:

Collect::
c:\docume~1\vasek\LOCALS~1\Temp\kbeepm.sys

Driver::
kbeepm

Uložte na plochu jako CFScript.txt. Pak jej myší přetáhněte nad ikonu ComboFix a pusťte. CF se spustí a vykoná příkazy ze skriptu.

Obrázek

petasmu · #18 Příspěvek od **petasmu** » 06 led 2012 23:30

ComboFix 12-01-06.01 - vasek 06.01.2012 23:16:00.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.1279.695 [GMT 1:00]
Spuštěný z: c:\documents and settings\vasek\Plocha\ComboFix.exe
Použité ovládací přepínače :: c:\documents and settings\vasek\Plocha\CFScript.txt
AV: avast! antivirus 4.8.1368 [VPS 101019-1] *Disabled/Outdated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
.
.
((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\Internet Explorer\SET44.tmp
c:\program files\Internet Explorer\SET45.tmp
c:\windows\system32\SET4E.tmp
c:\windows\system32\SET5C.tmp
c:\windows\system32\SET5E.tmp
c:\windows\system32\SET60.tmp
c:\windows\system32\SET61.tmp
c:\windows\system32\SET63.tmp
c:\windows\system32\SET64.tmp
c:\windows\system32\SET66.tmp
c:\windows\system32\SET68.tmp
c:\windows\system32\SET69.tmp
c:\windows\system32\SET6E.tmp
c:\windows\system32\SET71.tmp
c:\windows\system32\SET7B.tmp
c:\windows\system32\SET7C.tmp
c:\windows\system32\SET7D.tmp
c:\windows\system32\SET7E.tmp
c:\windows\system32\SET84.tmp
c:\windows\system32\SET92.tmp
.
.
((((((((((((((((((((((((((((((((((((((( Ovladače/Služby )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_KBEEPM
-------\Service_kbeepm
.
.
((((((((((((((((((((((((( Soubory vytvořené od 2011-12-06 do 2012-01-06 )))))))))))))))))))))))))))))))
.
.
2025-01-01 19:20 . 2025-01-01 19:20 -------- d-----w- C:\_OTM
2025-01-01 19:03 . 2001-10-24 11:25 57856 -c--a-w- c:\windows\system32\dllcache\EXCH_scripto.dll
2025-01-01 19:02 . 2004-08-18 12:00 45109 -c--a-w- c:\windows\system32\dllcache\imjpuex.exe
2025-01-01 19:01 . 2004-08-18 12:00 330752 -c--a-w- c:\windows\system32\dllcache\aqueue.dll
2025-01-01 18:58 . 2004-08-18 12:00 16384 -c--a-w- c:\windows\system32\dllcache\isignup.exe
2025-01-01 18:58 . 2004-08-18 12:00 16384 ----a-w- c:\program files\Internet Explorer\Connection Wizard\isignup.exe
2025-01-01 18:50 . 2001-08-17 19:13 27165 ----a-w- c:\windows\system32\drivers\fetnd5.sys
2025-01-01 18:45 . 2004-08-18 12:00 24661 -c--a-w- c:\windows\system32\dllcache\spxcoins.dll
2025-01-01 18:45 . 2004-08-18 12:00 24661 ----a-w- c:\windows\system32\spxcoins.dll
2025-01-01 18:45 . 2004-08-18 12:00 13312 -c--a-w- c:\windows\system32\dllcache\irclass.dll
2025-01-01 18:45 . 2004-08-18 12:00 13312 ----a-w- c:\windows\system32\irclass.dll
2025-01-01 17:55 . 2025-01-01 17:55 -------- d-----w- c:\program files\Smart Projects
2025-01-01 17:49 . 2025-01-01 17:49 -------- d-----w- c:\documents and settings\All Users\Data aplikací\Yandex
2025-01-01 17:48 . 2025-01-01 17:49 -------- d-----w- c:\documents and settings\vasek\Data aplikací\Yandex
2025-01-01 17:48 . 2025-01-01 17:50 239168 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2025-01-01 17:47 . 2025-01-01 17:49 -------- d-----w- c:\program files\DAEMON Tools Lite
2025-01-01 17:47 . 2025-01-01 17:51 -------- d-----w- c:\documents and settings\vasek\Data aplikací\DAEMON Tools Lite
2025-01-01 17:47 . 2025-01-01 17:47 -------- d-----w- c:\documents and settings\All Users\Data aplikací\DAEMON Tools Lite
2025-01-01 17:37 . 2025-01-01 17:37 -------- d-----w- c:\program files\Vypalovač
2012-01-06 22:23 . 2012-01-06 22:23 56200 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{674FC9E6-52DC-482B-B75C-7C8869BAE84B}\offreg.dll
2012-01-06 22:10 . 2010-05-04 17:18 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
2012-01-06 22:10 . 2010-05-04 17:18 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll
2012-01-06 22:10 . 2010-05-04 17:18 6067200 -c----w- c:\windows\system32\dllcache\ieframe.dll
2012-01-06 22:10 . 2010-05-04 17:18 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll
2012-01-06 22:10 . 2010-05-04 17:18 63488 -c----w- c:\windows\system32\dllcache\icardie.dll
2012-01-06 22:10 . 2010-05-04 17:18 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll
2012-01-06 22:10 . 2010-04-16 13:24 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe
2012-01-06 22:10 . 2010-02-22 22:04 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat
2012-01-06 20:26 . 2012-01-06 20:26 -------- d-----w- c:\windows\system32\CatRoot_bak
2012-01-06 20:22 . 2010-02-24 12:31 454016 -c----w- c:\windows\system32\dllcache\mrxsmb.sys
2012-01-06 20:19 . 2008-06-14 18:00 272128 -c----w- c:\windows\system32\dllcache\bthport.sys
2012-01-06 20:18 . 2010-02-16 19:34 2060544 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe
2012-01-06 20:18 . 2010-02-16 19:34 2018816 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe
2012-01-06 20:18 . 2010-02-16 19:34 2183552 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe
2012-01-06 20:18 . 2010-02-16 19:34 2139136 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe
2012-01-06 20:10 . 2012-01-06 20:10 -------- d-----w- c:\program files\7-Zip
2012-01-06 19:57 . 2004-10-22 01:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2012-01-06 19:57 . 2004-10-22 01:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2012-01-06 19:57 . 2004-10-22 01:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2012-01-06 19:57 . 2004-10-22 01:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2012-01-06 19:57 . 2012-01-06 19:57 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2012-01-06 19:57 . 2012-01-06 19:57 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2012-01-06 19:57 . 2004-10-22 01:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2012-01-06 19:44 . 2012-01-06 19:44 -------- d-----w- c:\program files\Lavalys
2012-01-01 16:37 . 2012-01-01 16:37 -------- d-----w- c:\program files\Defraggler
2012-01-01 16:36 . 2011-11-21 10:47 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\{674FC9E6-52DC-482B-B75C-7C8869BAE84B}\mpengine.dll
2011-12-22 16:07 . 2011-12-22 16:07 -------- d-----w- C:\NASA
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-01-06 19:56 . 2007-03-29 07:17 163840 ----a-w- c:\windows\system32\S3Trayp.exe
2012-01-06 19:56 . 2007-03-29 07:17 53248 ----a-w- c:\windows\system32\VTTimer.exe
2012-01-06 19:56 . 2004-01-09 09:52 49152 ----a-w- c:\windows\system32\VTSetvga.exe
2012-01-06 19:56 . 2007-03-29 07:17 524288 ----a-w- c:\windows\system32\S3ovrlay.dll
2012-01-06 19:56 . 2007-03-29 07:17 327680 ----a-w- c:\windows\system32\S3Info2.dll
2012-01-06 19:56 . 2007-03-29 07:17 808448 ----a-w- c:\windows\system32\drivers\S3gIGPm.sys
2012-01-06 19:56 . 2007-03-29 07:17 739840 ----a-w- c:\windows\system32\S3gIGP.dll
2012-01-06 19:56 . 2007-03-29 07:17 6549504 ----a-w- c:\windows\system32\s3gIGPgl.dll
2012-01-06 19:56 . 2007-03-29 07:17 2465280 ----a-w- c:\windows\system32\s3gcil_inv.dll
2012-01-06 19:56 . 2007-03-29 07:17 638976 ----a-w- c:\windows\system32\S3Disply.dll
2012-01-06 19:56 . 2007-03-29 07:17 450560 ----a-w- c:\windows\system32\S3Gamma2.dll
2012-01-06 19:56 . 2007-03-29 07:17 380928 ----a-w- c:\windows\system32\S3Cfg3d.dll
2011-12-22 16:08 . 2007-08-13 15:50 805376 ----a-w- c:\windows\Nero Burning Rom Screensaver.scr
2011-11-21 10:47 . 2009-10-09 13:00 6823496 ----a-w- c:\documents and settings\All Users\Data aplikací\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
.
.
((((((((((((((((((((((((((((( SnapShot@2012-01-06_21.52.32 )))))))))))))))))))))))))))))))))))))))))
.
+ 2012-01-06 22:23 . 2012-01-06 22:23 16384 c:\windows\Temp\Perflib_Perfdata_5c8.dat
+ 2012-01-06 22:00 . 2012-01-06 22:00 16384 c:\windows\Temp\Perflib_Perfdata_5c4.dat
+ 2010-01-03 15:10 . 2008-07-08 12:59 18296 c:\windows\system32\spmsg.dll
- 2010-01-03 15:10 . 2009-05-26 11:40 18296 c:\windows\system32\spmsg.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 44544 c:\windows\system32\pngfilt.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 27648 c:\windows\system32\jsproxy.dll
+ 2009-03-08 02:32 . 2010-04-16 13:24 13824 c:\windows\system32\ieudinit.exe
+ 2004-08-18 12:00 . 2010-05-04 17:18 44544 c:\windows\system32\iernonce.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 78336 c:\windows\system32\ieencode.dll
+ 2004-08-18 12:00 . 2010-04-16 13:24 70656 c:\windows\system32\ie4uinit.exe
+ 2004-08-18 12:00 . 2010-05-04 17:18 44544 c:\windows\system32\dllcache\pngfilt.dll
+ 2004-08-18 12:00 . 2007-08-13 17:01 48128 c:\windows\system32\dllcache\mshtmler.dll
+ 2004-08-18 12:00 . 2007-08-13 17:32 45568 c:\windows\system32\dllcache\mshta.exe
+ 2004-08-18 12:00 . 2007-08-13 17:44 40960 c:\windows\system32\dllcache\licmgr10.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 27648 c:\windows\system32\dllcache\jsproxy.dll
+ 2004-08-18 12:00 . 2007-08-13 17:39 92672 c:\windows\system32\dllcache\inseng.dll
+ 2004-08-18 12:00 . 2007-08-13 17:36 36352 c:\windows\system32\dllcache\imgutil.dll
+ 2004-08-18 12:00 . 2007-08-13 17:39 55296 c:\windows\system32\dllcache\iesetup.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 44544 c:\windows\system32\dllcache\iernonce.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 78336 c:\windows\system32\dllcache\ieencode.dll
+ 2007-03-31 11:49 . 2007-08-13 17:44 69120 c:\windows\system32\dllcache\iedw.exe
+ 2004-08-18 12:00 . 2010-04-16 13:24 70656 c:\windows\system32\dllcache\ie4uinit.exe
+ 2007-03-31 11:49 . 2007-08-13 17:18 60416 c:\windows\system32\dllcache\hmmapi.dll
+ 2007-03-31 11:49 . 2007-08-13 17:54 33792 c:\windows\system32\dllcache\custsat.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 17408 c:\windows\system32\dllcache\corpol.dll
+ 2004-08-18 12:00 . 2007-08-13 17:39 71680 c:\windows\system32\dllcache\admparse.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 17408 c:\windows\system32\corpol.dll
+ 2012-01-06 22:10 . 2007-08-13 17:36 44544 c:\windows\ie7updates\KB982381-IE7\pngfilt.dll
+ 2012-01-06 22:10 . 2007-08-13 17:54 27136 c:\windows\ie7updates\KB982381-IE7\jsproxy.dll
+ 2012-01-06 22:10 . 2007-08-13 17:39 13312 c:\windows\ie7updates\KB982381-IE7\ieudinit.exe
+ 2012-01-06 22:10 . 2007-08-13 17:39 43008 c:\windows\ie7updates\KB982381-IE7\iernonce.dll
+ 2012-01-06 22:10 . 2010-04-16 15:38 81920 c:\windows\ie7updates\KB982381-IE7\ieencode.dll
+ 2012-01-06 22:10 . 2007-08-13 17:39 54784 c:\windows\ie7updates\KB982381-IE7\ie4uinit.exe
+ 2012-01-06 22:10 . 2007-08-13 17:42 17408 c:\windows\ie7updates\KB982381-IE7\corpol.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 37888 c:\windows\ie7\url.dll
+ 2012-01-06 22:09 . 2007-10-04 08:13 66048 c:\windows\ie7\spuninst\ieResetIcons.exe
+ 2012-01-06 22:09 . 2007-10-04 08:15 33472 c:\windows\ie7\spuninst\iecustom.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 39424 c:\windows\ie7\pngfilt.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 96768 c:\windows\ie7\occache.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 56832 c:\windows\ie7\mshtmler.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 29184 c:\windows\ie7\mshta.exe
+ 2012-01-06 22:08 . 2004-08-18 12:00 22016 c:\windows\ie7\licmgr10.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 16384 c:\windows\ie7\jsproxy.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 96768 c:\windows\ie7\inseng.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 35840 c:\windows\ie7\imgutil.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 93184 c:\windows\ie7\iexplore.exe
+ 2012-01-06 22:08 . 2004-08-18 12:00 62976 c:\windows\ie7\iesetup.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 48640 c:\windows\ie7\iernonce.dll
+ 2012-01-06 22:08 . 2010-04-16 13:36 18432 c:\windows\ie7\iedw.exe
+ 2012-01-06 22:08 . 2004-08-18 12:00 34304 c:\windows\ie7\ie4uinit.exe
+ 2012-01-06 22:08 . 2004-08-18 12:00 38912 c:\windows\ie7\hmmapi.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 55808 c:\windows\ie7\extmgr.dll
+ 2012-01-06 22:08 . 2004-12-21 10:14 28672 c:\windows\ie7\custsat.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 35328 c:\windows\ie7\corpol.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 61440 c:\windows\ie7\admparse.dll
+ 2009-01-07 16:21 . 2006-07-14 15:51 121856 c:\windows\system32\xmllite.dll
- 2009-01-07 16:21 . 2008-04-14 03:22 121856 c:\windows\system32\xmllite.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 102912 c:\windows\system32\occache.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 671232 c:\windows\system32\mstime.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 193024 c:\windows\system32\msrating.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 477696 c:\windows\system32\mshtmled.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 192512 c:\windows\system32\iepeers.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 385024 c:\windows\system32\iedkcs32.dll
+ 2004-08-18 12:00 . 2010-04-16 11:43 161792 c:\windows\system32\ieakui.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 230400 c:\windows\system32\ieaksie.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 153088 c:\windows\system32\ieakeng.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 133120 c:\windows\system32\extmgr.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 214528 c:\windows\system32\dxtrans.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 347136 c:\windows\system32\dxtmsft.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 832512 c:\windows\system32\dllcache\wininet.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 233472 c:\windows\system32\dllcache\webcheck.dll
+ 2007-03-31 11:49 . 2007-08-13 17:54 765952 c:\windows\system32\dllcache\VGX.dll
+ 2004-08-18 12:00 . 2007-08-13 17:54 413696 c:\windows\system32\dllcache\vbscript.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 105984 c:\windows\system32\dllcache\url.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 102912 c:\windows\system32\dllcache\occache.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 671232 c:\windows\system32\dllcache\mstime.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 193024 c:\windows\system32\dllcache\msrating.dll
+ 2004-08-18 12:00 . 2007-08-13 17:54 156160 c:\windows\system32\dllcache\msls31.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 477696 c:\windows\system32\dllcache\mshtmled.dll
+ 2004-08-18 12:00 . 2007-08-13 17:38 491520 c:\windows\system32\dllcache\jscript.dll
+ 2007-03-31 11:49 . 2010-04-16 11:43 634656 c:\windows\system32\dllcache\iexplore.exe
+ 2004-08-18 12:00 . 2010-05-04 17:18 192512 c:\windows\system32\dllcache\iepeers.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 385024 c:\windows\system32\dllcache\iedkcs32.dll
+ 2004-08-18 12:00 . 2010-04-16 11:43 161792 c:\windows\system32\dllcache\ieakui.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 230400 c:\windows\system32\dllcache\ieaksie.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 153088 c:\windows\system32\dllcache\ieakeng.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 133120 c:\windows\system32\dllcache\extmgr.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 214528 c:\windows\system32\dllcache\dxtrans.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 347136 c:\windows\system32\dllcache\dxtmsft.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 124928 c:\windows\system32\dllcache\advpack.dll
+ 2012-01-06 22:10 . 2007-08-13 17:54 818688 c:\windows\ie7updates\KB982381-IE7\wininet.dll
+ 2012-01-06 22:10 . 2007-08-13 17:54 231424 c:\windows\ie7updates\KB982381-IE7\webcheck.dll
+ 2012-01-06 22:10 . 2007-08-13 17:44 105984 c:\windows\ie7updates\KB982381-IE7\url.dll
+ 2012-01-06 22:10 . 2010-02-22 14:21 391032 c:\windows\ie7updates\KB982381-IE7\spuninst\updspapi.dll
+ 2012-01-06 22:10 . 2008-07-08 12:59 233848 c:\windows\ie7updates\KB982381-IE7\spuninst\spuninst.exe
+ 2012-01-06 22:10 . 2007-08-13 17:44 101376 c:\windows\ie7updates\KB982381-IE7\occache.dll
+ 2012-01-06 22:10 . 2007-08-13 17:54 670720 c:\windows\ie7updates\KB982381-IE7\mstime.dll
+ 2012-01-06 22:10 . 2007-08-13 17:44 192000 c:\windows\ie7updates\KB982381-IE7\msrating.dll
+ 2012-01-06 22:10 . 2007-08-13 17:54 475648 c:\windows\ie7updates\KB982381-IE7\mshtmled.dll
+ 2012-01-06 22:10 . 2007-08-13 17:43 622080 c:\windows\ie7updates\KB982381-IE7\iexplore.exe
+ 2012-01-06 22:10 . 2007-08-13 17:54 191488 c:\windows\ie7updates\KB982381-IE7\iepeers.dll
+ 2012-01-06 22:10 . 2007-08-13 17:39 382976 c:\windows\ie7updates\KB982381-IE7\iedkcs32.dll
+ 2012-01-06 22:10 . 2007-08-13 16:56 161792 c:\windows\ie7updates\KB982381-IE7\ieakui.dll
+ 2012-01-06 22:10 . 2007-08-13 17:39 229376 c:\windows\ie7updates\KB982381-IE7\ieaksie.dll
+ 2012-01-06 22:10 . 2007-08-13 17:39 152064 c:\windows\ie7updates\KB982381-IE7\ieakeng.dll
+ 2012-01-06 22:10 . 2007-08-13 17:54 131584 c:\windows\ie7updates\KB982381-IE7\extmgr.dll
+ 2012-01-06 22:10 . 2007-08-13 17:35 214528 c:\windows\ie7updates\KB982381-IE7\dxtrans.dll
+ 2012-01-06 22:10 . 2007-08-13 17:35 346624 c:\windows\ie7updates\KB982381-IE7\dxtmsft.dll
+ 2012-01-06 22:10 . 2007-08-13 17:39 123904 c:\windows\ie7updates\KB982381-IE7\advpack.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 663040 c:\windows\ie7\wininet.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 278528 c:\windows\ie7\webcheck.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 848384 c:\windows\ie7\vgx.dll
+ 2012-01-06 22:08 . 2010-03-10 08:07 417792 c:\windows\ie7\vbscript.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 625152 c:\windows\ie7\urlmon.dll
+ 2012-01-06 22:09 . 2006-09-06 16:42 379616 c:\windows\ie7\spuninst\updspapi.dll
+ 2012-01-06 22:09 . 2006-09-06 16:42 215776 c:\windows\ie7\spuninst\spuninst.exe
+ 2012-01-06 22:08 . 2010-04-16 15:38 532480 c:\windows\ie7\mstime.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 146432 c:\windows\ie7\msrating.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 146432 c:\windows\ie7\msls31.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 449024 c:\windows\ie7\mshtmled.dll
+ 2012-01-06 22:08 . 2009-08-21 06:52 450560 c:\windows\ie7\jscript.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 251392 c:\windows\ie7\iepeers.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 323584 c:\windows\ie7\iedkcs32.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 225280 c:\windows\ie7\ieakui.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 219136 c:\windows\ie7\ieaksie.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 139264 c:\windows\ie7\ieakeng.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 205312 c:\windows\ie7\dxtrans.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 357888 c:\windows\ie7\dxtmsft.dll
+ 2012-01-06 22:08 . 2004-08-18 12:00 100352 c:\windows\ie7\advpack.dll
+ 2004-08-18 12:00 . 2010-05-04 17:18 1168384 c:\windows\system32\dllcache\urlmon.dll
+ 2004-08-18 12:00 . 2010-05-04 21:48 3600384 c:\windows\system32\dllcache\mshtml.dll
+ 2012-01-06 22:10 . 2007-08-13 17:54 1162240 c:\windows\ie7updates\KB982381-IE7\urlmon.dll
+ 2012-01-06 22:10 . 2007-08-13 17:54 3578368 c:\windows\ie7updates\KB982381-IE7\mshtml.dll
+ 2012-01-06 22:08 . 2010-04-16 15:38 3086336 c:\windows\ie7\mshtml.dll
.
-- Snímek resetován k současnému datu --
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VTTimer"="VTTimer.exe" [2012-01-06 53248]
"S3Trayp"="S3trayp.exe" [2012-01-06 163840]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-07-10 155648]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-18 15360]
"DWQueuedReporting"="c:\progra~1\COMMON~1\MICROS~1\DW\dwtrig20.exe" [2007-02-25 437160]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Nero\\Nero 7\\Nero Home\\NeroHome.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"e:\\Program Files\\Pexeso 2002\\Pexeso.dat"=
"c:\\Program Files\\EA SPORTS\\NHL07\\nhl2007.exe"=
.
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [9.10.2009 15:41 114768]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [1.1.2025 18:48 239168]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [9.10.2009 15:41 20560]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [3.11.2006 18:19 13592]
.
Obsah adresáře 'Naplánované úlohy'
.
2012-01-06 c:\windows\Tasks\MP Scheduled Scan.job
- c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 17:20]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.seznam.cz/
uInternet Connection Wizard,ShellNext = iexplore
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 10.100.0.100 90.183.12.188
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-01-06 23:24
Windows 5.1.2600 Service Pack 2 NTFS
.
skenování skrytých procesů ...
.
skenování skrytých položek 'Po spuštění' ...
.
skenování skrytých souborů ...
.
sken byl úspešně dokončen
skryté soubory: 0
.
**************************************************************************
.
--------------------- ZAMKNUTÉ KLÍČE V REGISTRU ---------------------
.
[HKEY_USERS\S-1-5-21-967640650-3354510997-3455805987-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
.
--------------------- Knihovny navázané na běžící procesy ---------------------
.
- - - - - - - > 'explorer.exe'(3868)
c:\windows\system32\msi.dll
c:\windows\system32\WPDShServiceObj.dll
c:\progra~1\ArcSoft\PHOTOI~1\share\pihook.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\program files\Common Files\Motive\McciCMService.exe
c:\windows\system32\HPZipm12.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\VTTimer.exe
c:\windows\system32\S3trayp.exe
.
**************************************************************************
.
Celkový čas: 2012-01-06 23:29:05 - počítač byl restartován
ComboFix-quarantined-files.txt 2012-01-06 22:29
ComboFix2.txt 2012-01-06 21:54
.
Před spuštěním: Volných bajtů: 34 652 766 208
Po spuštění: Volných bajtů: 34 612 011 008
.
- - End Of File - - 40F28B5ADE12CA0D52985E60E86087D6

#19 Příspěvek od **Rudy** » 06 led 2012 23:32

Log již vypadá čistý. Nastala nějaká změna?

petasmu · #20 Příspěvek od **petasmu** » 06 led 2012 23:37

Ano, už to běží viditelně rychleji. Jěště nataham aktualizace a uvidím.
Moc jste mi pomohli díky

#21 Příspěvek od **Rudy** » 06 led 2012 23:45

Měl jste tam rootkita. Nemáte zač!

petasmu · #22 Příspěvek od **petasmu** » 06 led 2012 23:57

Ještě jsem zapomněla na odinstalovani combofixu a tak.Jaký program použít?A dá se zbavit nabídky při načítání?

#23 Příspěvek od **Rudy** » 07 led 2012 11:30

Pardon, nějak jsem přehlédl, že jste dáma. Omlouvám se.

1. Spusťte znovu OTM a klikněte na CleanUp. OTM po sobě uklidí. nakonec jej snažte
2. ComboFix odinstalujete: Start>spustit>(napsat) combofix /uninstall>OK. CF se nejprve spustí a pak odinstaluje.

petasmu · #24 Příspěvek od **petasmu** » 07 led 2012 11:57

To nevadí

Po všech aktualizacích a další defragmentaci: PC šlape na 100%.
Ještě jednou díky.

#25 Příspěvek od **Rudy** » 07 led 2012 12:01

Nemáte zač!

VIRY.CZ

Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC

Re: Pomalé PC