Vir z facebook

Zpráva

Wanted Joker · #1 Příspěvek od **Wanted Joker** » 25 led 2014 22:42

Ahoj, dneska jsem chytil něco na Facebooku omylem jsem klikl na nějaký odkaz. Porsím o pomoc.

ESET mi našel tohle: Operační paměť » C:\Windows\SysWOW64\notepad.exe - varianta infiltrace Win32/Agent.NNF červ - nelze léčit

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-01-2014 01
Ran by Jirik (administrator) on JIRITOMEV on 25-01-2014 22:38:38
Running from C:\Users\Jirik\Desktop
Windows 7 Home Premium Service Pack 1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
() C:\Program Files (x86)\GIGABYTE\ET6\GUI.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(SteelSeries) C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe
(SteelSeries) C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMTray2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jirik\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [VIAxHCUtl] - C:\VIA_XHCI\usb3Monitor.exe [331776 2011-07-12] (VIA Technologies, Inc.)
HKLM\...\Run: [egui] - C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-21] (ESET)
HKLM\...\Run: [IAStorIcon] - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] - C:\Windows\system32\nvspcap64.dll [1100248 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM-x32\...\Run: [HDAudDeck] - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5263504 2012-08-09] (VIA)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [SteelSeries World of Warcraft Cataclysm MMO Gaming Mouse] - C:\Program Files (x86)\SteelSeries\World of Warcraft Cataclysm MMO Gaming Mouse\WoWMHID2.exe [1993216 2011-08-18] (SteelSeries)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
MountPoints2: {9db0aa08-2820-11e3-bd58-902b34db6612} - F:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-19] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-19] (NVIDIA Corporation)

==================== Internet (Whitelisted) ====================

BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/
CHR Extension: (Dokumenty Google) - C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-09-16]
CHR Extension: (Disk Google) - C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-09-16]
CHR Extension: (YouTube) - C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-09-16]
CHR Extension: (Vyhledávání Google) - C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-09-16]
CHR Extension: (AdBlock) - C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-08]
CHR Extension: (Peněženka Google) - C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-16]
CHR Extension: (Gmail) - C:\Users\Jirik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-09-16]

==================== Services (Whitelisted) =================

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] ()
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-21] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2013-10-27] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [214520 2013-11-25] ()
R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27792 2012-08-03] (VIA Technologies, Inc.)

==================== Drivers (Whitelisted) ====================

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [22680 2012-10-25] ()
R3 BthAvrcp; C:\Windows\System32\DRIVERS\BthAvrcp.sys [29184 2009-08-13] (CSR, plc)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-09-28] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [58416 2013-02-14] (ESET)
R3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2014-01-25] ()
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
S3 jusb_x64; C:\Windows\System32\Drivers\jusb_x64.sys [48128 2011-03-29] (Thesycon GmbH, Germany)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [110744 2012-07-19] (Qualcomm Atheros Co., Ltd.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 SSMO3v2Filter; C:\Windows\System32\drivers\MO3v2Driver.sys [23040 2010-11-22] (Sagatek Co. Ltd.)
R3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [205312 2012-01-20] (VIA Technologies, Inc.)
R3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [254464 2012-01-20] (VIA Technologies, Inc.)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-01-25 22:38 - 2014-01-25 22:38 - 00010801 _____ C:\Users\Jirik\Desktop\FRST.txt
2014-01-25 22:38 - 2014-01-25 22:38 - 00000000 ____D C:\FRST
2014-01-25 22:36 - 2014-01-25 22:37 - 02077696 _____ (Farbar) C:\Users\Jirik\Desktop\FRST64.exe
2014-01-25 22:36 - 2014-01-25 22:36 - 00112107 _____ (forum.viry.cz) C:\Users\Jirik\Downloads\Nepotvrzeno 528275.crdownload
2014-01-25 22:21 - 2014-01-25 22:31 - 00112640 _____ (forum.viry.cz) C:\Users\Jirik\Desktop\FRSTLauncher.exe
2014-01-25 22:09 - 2013-12-18 21:09 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-01-25 22:09 - 2013-12-18 21:04 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-01-25 22:09 - 2013-12-18 21:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-01-25 22:09 - 2013-12-18 21:03 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-01-25 22:08 - 2014-01-25 22:09 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-21 20:22 - 2014-01-21 20:22 - 00000000 ____D C:\Users\Jirik\Desktop\matrix 2014
2014-01-20 15:42 - 2014-01-20 15:42 - 00010187 _____ C:\Users\Jirik\Desktop\PLÁN.xlsx
2014-01-19 11:06 - 2014-01-19 11:07 - 00000000 ____D C:\Users\Jirik\Desktop\Nová složka
2014-01-17 14:48 - 2014-01-17 14:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2014-01-16 18:43 - 2014-01-16 18:43 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-01-16 18:43 - 2014-01-16 18:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2014-01-15 14:05 - 2013-11-26 12:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-14 20:07 - 2013-11-27 02:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-14 20:07 - 2013-11-27 02:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-14 20:07 - 2013-11-27 02:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-14 20:07 - 2013-11-27 02:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-14 20:07 - 2013-11-27 02:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-14 20:07 - 2013-11-27 02:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-14 20:07 - 2013-11-27 02:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-14 20:07 - 2013-11-26 11:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-10 01:15 - 2014-01-10 01:15 - 00000000 ____D C:\Users\Jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-09 13:19 - 2014-01-09 13:19 - 00001020 _____ C:\Users\Jirik\Downloads\google.csv
2014-01-07 21:00 - 2013-12-19 21:33 - 30372640 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 25257248 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 22960416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 18222008 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 15877216 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 12645664 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-01-07 21:00 - 2013-12-19 21:33 - 11605752 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 11554264 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 09700224 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 09657464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 03132704 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 03125024 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 02947872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 02747680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433221.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433221.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 01242400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00882464 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00879392 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00852768 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00847648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00479520 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00405280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00357152 _____ C:\Windows\system32\NvIFROpenGL.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00317472 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00314656 _____ C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-01-07 21:00 - 2013-12-19 21:33 - 00266984 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-01-07 21:00 - 2013-11-28 14:38 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-01-07 21:00 - 2013-11-28 14:38 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-01-07 21:00 - 2013-11-22 09:36 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr

==================== One Month Modified Files and Folders =======

2014-01-25 22:38 - 2014-01-25 22:38 - 00010801 _____ C:\Users\Jirik\Desktop\FRST.txt
2014-01-25 22:38 - 2014-01-25 22:38 - 00000000 ____D C:\FRST
2014-01-25 22:37 - 2014-01-25 22:36 - 02077696 _____ (Farbar) C:\Users\Jirik\Desktop\FRST64.exe
2014-01-25 22:36 - 2014-01-25 22:36 - 00112107 _____ (forum.viry.cz) C:\Users\Jirik\Downloads\Nepotvrzeno 528275.crdownload
2014-01-25 22:31 - 2014-01-25 22:21 - 00112640 _____ (forum.viry.cz) C:\Users\Jirik\Desktop\FRSTLauncher.exe
2014-01-25 22:16 - 2013-09-16 21:36 - 01437258 _____ C:\Windows\WindowsUpdate.log
2014-01-25 22:09 - 2014-01-25 22:08 - 00005175 _____ C:\Windows\SysWOW64\jupdate-1.7.0_51-b13.log
2014-01-25 22:09 - 2013-09-17 15:38 - 00000000 ____D C:\ProgramData\Oracle
2014-01-25 22:09 - 2013-09-17 15:38 - 00000000 ____D C:\Program Files (x86)\Java
2014-01-25 22:08 - 2013-09-16 22:23 - 00000914 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-25 22:08 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-25 22:08 - 2009-07-14 05:45 - 00018816 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-25 22:07 - 2013-09-16 22:51 - 00000950 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-01-25 22:07 - 2009-07-14 16:18 - 00669904 _____ C:\Windows\system32\perfh005.dat
2014-01-25 22:07 - 2009-07-14 16:18 - 00142062 _____ C:\Windows\system32\perfc005.dat
2014-01-25 22:07 - 2009-07-14 06:13 - 01587976 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-25 22:06 - 2013-10-06 17:00 - 00000000 ____D C:\Users\Jirik\AppData\Roaming\uTorrent
2014-01-25 22:06 - 2013-09-17 15:33 - 00000000 ____D C:\Users\Jirik\AppData\Local\LogMeIn Hamachi
2014-01-25 22:02 - 2013-09-17 02:29 - 00000004 _____ C:\Windows\SysWOW64\GVTunner.ref
2014-01-25 22:02 - 2013-09-16 21:59 - 00030528 _____ C:\Windows\GVTDrv64.sys
2014-01-25 22:01 - 2013-09-16 22:51 - 00000946 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-01-25 22:01 - 2013-09-16 22:43 - 00025640 _____ (Windows (R) Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-01-25 22:01 - 2013-09-16 22:13 - 00000000 ____D C:\ProgramData\NVIDIA
2014-01-25 22:01 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-25 20:50 - 2013-10-30 17:45 - 00000928 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job
2014-01-25 20:43 - 2013-09-16 21:35 - 00000000 ___RD C:\Users\Jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-01-25 17:50 - 2013-10-30 17:45 - 00000906 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job
2014-01-24 15:49 - 2013-11-26 17:24 - 00000000 ____D C:\Users\Jirik\AppData\Roaming\TeamViewer
2014-01-22 03:05 - 2013-09-23 21:04 - 00000000 ____D C:\Users\Jirik\AppData\Roaming\vlc
2014-01-21 20:22 - 2014-01-21 20:22 - 00000000 ____D C:\Users\Jirik\Desktop\matrix 2014
2014-01-20 15:42 - 2014-01-20 15:42 - 00010187 _____ C:\Users\Jirik\Desktop\PLÁN.xlsx
2014-01-20 01:15 - 2013-12-17 00:57 - 01247980 _____ C:\utorrent.lng
2014-01-19 11:07 - 2014-01-19 11:06 - 00000000 ____D C:\Users\Jirik\Desktop\Nová složka
2014-01-17 21:26 - 2013-09-16 23:14 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2014-01-17 16:08 - 2013-09-17 15:27 - 00000000 ____D C:\Users\Jirik\AppData\Roaming\Skype
2014-01-17 14:48 - 2014-01-17 14:48 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2014-01-17 14:48 - 2013-09-17 15:32 - 00000926 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-01-16 21:16 - 2013-09-16 22:06 - 00109680 _____ C:\Users\Jirik\AppData\Local\GDIPFONTCACHEV1.DAT
2014-01-16 21:16 - 2009-07-14 05:45 - 00415648 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-16 18:43 - 2014-01-16 18:43 - 00001162 _____ C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-01-16 18:43 - 2014-01-16 18:43 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2014-01-15 18:13 - 2013-09-16 22:54 - 00002255 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2014-01-15 01:47 - 2013-09-17 15:47 - 00000000 ____D C:\ProgramData\Microsoft Help
2014-01-15 01:47 - 2013-09-16 23:45 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 01:46 - 2013-09-16 23:45 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-01-10 01:15 - 2014-01-10 01:15 - 00000000 ____D C:\Users\Jirik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google+ Auto Backup
2014-01-09 13:19 - 2014-01-09 13:19 - 00001020 _____ C:\Users\Jirik\Downloads\google.csv
2014-01-08 11:59 - 2009-07-14 06:08 - 00032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-07 21:03 - 2013-09-16 22:12 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2014-01-06 20:23 - 2014-01-06 20:23 - 04558848 _____ (Google Inc.) C:\Windows\SysWOW64\GPhotos.scr
2014-01-04 00:06 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\LiveKernelReports
2013-12-28 21:40 - 2013-09-17 15:41 - 00001160 _____ C:\Users\Jirik\AppData\Local\SRDownloader.nast
2013-12-28 18:24 - 2013-09-28 10:56 - 00010542 _____ C:\Users\Jirik\AppData\Local\SRDownloader.err
2013-12-28 09:25 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD

Some content of TEMP:
====================
C:\Users\Jirik\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit

LastRegBack: 2014-01-19 01:02

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:1862.92 GB) (Free:1716.89 GB) NTFS
Drive e: () (Fixed) (Total:931.51 GB) (Free:306.08 GB) NTFS

Available physical RAM: 4658.96 MB
Total physical RAM: 7118.68 MB
Percentage of memory in use: 34%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: FB26A1E7)
Partition 1: (Active) - (Size=99 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=-198730766336) - (Type=07 NTFS)
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C30568B2)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET personal firewall (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jirik\Desktop" je 493 MB.

***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam
"C:\Program Files (x86)\Steam\Steam.exe" -silent [x]

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000

==================== End Of Log ==============================

#2 Příspěvek od **Rudy** » 25 led 2014 23:04

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
MountPoints2: {9db0aa08-2820-11e3-bd58-902b34db6612} - F:\setup.exe
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Wanted Joker · #3 Příspěvek od **Wanted Joker** » 25 led 2014 23:17

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-01-2014 01
Ran by Jirik at 2014-01-25 23:16:53 Run:1
Running from C:\Users\Jirik\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32...Run [SunJavaUpdateSched] - CProgram Files (x86)Common FilesJavaJava Updatejusched.exe [254336 2013-07-02] (Oracle Corporation)
MountPoints2 {9db0aa08-2820-11e3-bd58-902b34db6612} - Fsetup.exe
CWindowsTasksGoogleUpdateTaskMachineUA.job
CWindowsTasksGoogleUpdateTaskMachineCore.job
CWindowsTasksFacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job
CWindowsTasksFacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job
Task CWindowsTasksFacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job = CUsersJirikAppDataLocalFacebookUpdateFacebookUpdate.exe
Task CWindowsTasksFacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job = CUsersJirikAppDataLocalFacebookUpdateFacebookUpdate.exe
Task CWindowsTasksGoogleUpdateTaskMachineCore.job = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe
Task CWindowsTasksGoogleUpdateTaskMachineUA.job = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe
HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigstartupregFacebook Update
CUsersJirikAppDataLocalFacebookUpdateFacebookUpdate.exe c nocrashserver [x]
Task CWindowsTasksFacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job = CUsersJirikAppDataLocalFacebookUpdateFacebookUpdate.exe
Task CWindowsTasksFacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job = CUsersJirikAppDataLocalFacebookUpdateFacebookUpdate.exe
Task CWindowsTasksGoogleUpdateTaskMachineCore.job = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe
Task CWindowsTasksGoogleUpdateTaskMachineUA.job = CProgram Files (x86)GoogleUpdateGoogleUpdate.exe
End
*****************

==== End of Fixlog ====

#4 Příspěvek od **Rudy** » 26 led 2014 11:11

Toto je pouze obsah skriptu. Klikl jste na >Fix<?

Wanted Joker · #5 Příspěvek od **Wanted Joker** » 26 led 2014 12:22

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 26-01-2014 01
Ran by Jirik at 2014-01-26 12:21:21 Run:2
Running from C:\Users\Jirik\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
MountPoints2: {9db0aa08-2820-11e3-bd58-902b34db6612} - F:\setup.exe
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update
"C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver [x]
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job => C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9db0aa08-2820-11e3-bd58-902b34db6612} => Key deleted successfully.
HKCR\CLSID\{9db0aa08-2820-11e3-bd58-902b34db6612} => Key not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job => Moved successfully.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.
"C:\Users\Jirik\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver [x]" => File/Directory not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000Core.job not found.
C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1904901252-3805392156-568962889-1000UA.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job not found.

==== End of Fixlog ====

#6 Příspěvek od **Rudy** » 26 led 2014 12:23

Smazáno. Nastala nějaká změna?

Wanted Joker · #7 Příspěvek od **Wanted Joker** » 26 led 2014 13:30

jj už je to ok. děkuju

#8 Příspěvek od **Rudy** » 26 led 2014 16:24

Nemáte zač!

VIRY.CZ

Vir z facebook

Vir z facebook

Re: Vir z facebook

Re: Vir z facebook

Re: Vir z facebook

Re: Vir z facebook

Re: Vir z facebook

Re: Vir z facebook

Re: Vir z facebook