PC zamrza

Zpráva

#16 Příspěvek od **Diallix** » 16 dub 2010 18:06

Aplikuj Combofix:

Stiahnite si na plochu ComboFix

Nasledne ho spustite (ucet Administratora).
Po spusteni naskocia licencne podmienky s ktorymi suhlaste a pokracujte ANO/YES/OK.
Zacne sken pocas ktoreho neklikajte pomimo okna. Cely sken trva cca. 10 minut.
Po skene ComboFix vygeneruje log, ktory ulozi do cielovej jednotky, napr. c:\ s nazvom ComboFix.log. Obsah celeho logu skopirujte sem.

Pouzi navod na GMER - tu : http://viry.cz/forum/viewtopic.php?f=29&t=62878

Alfajk · #17 Příspěvek od **Alfajk** » 16 dub 2010 19:50

...jestli do toho muzu kecat...doporucuju reinstall systemu,mel sem stejnej problem s vypinani monitoru a zkusil sem uplne vsechno a nekonec pomohl reinstal windowsu,sice to vypada jako HW zavada,ale muze za to klidne software

#18 Příspěvek od **Diallix** » 17 dub 2010 11:03

Alfajk, do tem sa nefpadava, ale konzultuje s radcom, ktory problem riesi - sz a reinstall os bez dalsej diagnostiky systemu davaju "radci" alebo skor "manici" na warez forach a my sme teda dost iny smer inde.

Blackoo · #19 Příspěvek od **Blackoo** » 18 dub 2010 09:36

ComboFix 10-04-17.02 - Zdeno 18.04.2010 10:30:05.1.2 - x86
Systém Microsoft Windows XP Home Edition 5.1.2600.3.1250.421.1033.18.2047.1549 [GMT 2:00]
Running from: c:\documents and settings\Zdeno\Desktop\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\AutoRun.inf

.
((((((((((((((((((((((((( Files Created from 2010-03-18 to 2010-04-18 )))))))))))))))))))))))))))))))
.

2010-04-15 14:00 . 2010-04-15 14:00 -------- d-----w- c:\program files\Lavalys
2010-04-14 21:12 . 2010-04-14 21:12 -------- d-----w- c:\documents and settings\Zdeno\Application Data\Malwarebytes
2010-04-14 21:12 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-04-14 21:12 . 2010-04-14 21:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2010-04-14 21:12 . 2010-04-14 21:12 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-04-14 21:12 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-04-14 20:44 . 2010-04-14 21:28 -------- d-----w- c:\program files\trend micro
2010-04-14 20:44 . 2010-04-14 20:44 -------- d-----w- C:\rsit
2010-04-13 17:42 . 2010-04-13 17:42 -------- d-----w- C:\PFiles
2010-04-13 10:59 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe
2010-04-02 11:54 . 2010-04-02 11:54 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\NVIDIA Corporation
2010-04-02 11:54 . 2010-04-02 11:54 -------- d-----w- c:\documents and settings\Zdeno\Local Settings\Application Data\NVIDIA Corporation
2010-04-02 11:54 . 2010-04-02 11:54 -------- d-----w- c:\program files\NVIDIA Corporation
2010-04-02 11:53 . 2010-04-02 11:53 -------- d-----w- c:\program files\NVIDIA nTune Performance Application
2010-03-24 08:04 . 2010-03-24 18:17 952768 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\18468\AdobeARM.exe
2010-03-24 08:04 . 2010-03-24 18:17 70584 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\18468\AdobeExtractFiles.dll
2010-03-24 08:04 . 2010-03-24 18:17 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\18468\ReaderUpdater.exe
2010-03-24 08:04 . 2010-03-24 18:17 326056 ----a-w- c:\documents and settings\All Users\Application Data\Adobe\Reader\9.3\ARM\18468\AcrobatUpdater.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-04-14 21:08 . 2009-12-13 20:19 -------- d-----w- c:\program files\ESET
2010-04-14 16:47 . 2010-02-25 09:26 38848 ----a-w- c:\windows\system32\avastSS.scr
2010-04-14 16:47 . 2010-02-25 09:26 153184 ----a-w- c:\windows\system32\aswBoot.exe
2010-04-14 16:35 . 2010-02-25 09:26 46672 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2010-04-14 16:35 . 2010-02-25 09:26 162768 ----a-w- c:\windows\system32\drivers\aswSP.sys
2010-04-14 16:31 . 2010-02-25 09:26 23376 ----a-w- c:\windows\system32\drivers\aswRdr.sys
2010-04-14 16:31 . 2010-02-25 09:26 100432 ----a-w- c:\windows\system32\drivers\aswmon2.sys
2010-04-14 16:31 . 2010-02-25 09:26 94800 ----a-w- c:\windows\system32\drivers\aswmon.sys
2010-04-14 16:31 . 2010-02-25 09:26 19024 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2010-04-14 16:30 . 2010-02-25 09:26 28880 ----a-w- c:\windows\system32\drivers\aavmker4.sys
2010-04-10 14:49 . 2009-12-14 20:19 1 ----a-w- c:\documents and settings\Zdeno\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-04-02 11:54 . 2009-12-13 20:40 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-04-02 11:53 . 2009-12-13 22:07 -------- d-----w- c:\program files\Common Files\InstallShield
2010-03-27 11:05 . 2009-12-15 16:10 -------- d-----w- c:\documents and settings\All Users\Application Data\HPSSUPPLY
2010-03-27 11:05 . 2009-12-18 10:47 17672 -c--a-w- c:\documents and settings\Danka\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2010-03-27 10:59 . 2009-12-18 11:06 1 ----a-w- c:\documents and settings\Danka\Application Data\OpenOffice.org\3\user\uno_packages\cache\stamp.sys
2010-03-19 16:25 . 2010-03-11 15:27 -------- d-----w- c:\documents and settings\Zdeno\Application Data\Ahead
2010-03-11 15:27 . 2010-03-11 15:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2010-03-11 15:26 . 2010-03-11 15:25 -------- d-----w- c:\program files\Common Files\Ahead
2010-03-11 15:25 . 2010-03-11 15:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
2010-03-11 15:25 . 2010-03-11 15:25 -------- d-----w- c:\program files\Nero
2010-03-11 13:56 . 2009-12-14 12:00 -------- d-----w- c:\program files\Xvid CZ
2010-03-11 13:53 . 2009-12-14 12:00 -------- d-----w- c:\program files\Combined Community Codec Pack
2010-03-11 13:35 . 2010-03-11 13:35 -------- d-----w- c:\documents and settings\Zdeno\Application Data\Apple Computer
2010-03-11 13:34 . 2010-03-11 13:34 -------- d-----w- c:\program files\Common Files\Apple
2010-03-11 13:34 . 2010-03-11 13:34 -------- d-----w- c:\program files\Apple Software Update
2010-03-11 13:34 . 2010-03-11 13:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple
2010-03-11 13:24 . 2010-03-11 13:20 -------- d-----w- c:\program files\Common Files\Real
2010-03-11 13:20 . 2010-03-11 13:20 348160 ----a-w- c:\windows\system32\msvcr71.dll
2010-03-11 13:20 . 2007-03-11 20:24 499712 ----a-w- c:\windows\system32\msvcp71.dll
2010-03-09 11:09 . 2006-02-28 12:00 430080 ----a-w- c:\windows\system32\vbscript.dll
2010-03-01 10:20 . 2010-01-20 16:20 3803208 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AutoLaunch.exe
2010-02-26 05:43 . 2006-02-28 12:00 667136 ----a-w- c:\windows\system32\wininet.dll
2010-02-26 05:43 . 2006-02-28 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll
2010-02-25 09:26 . 2010-02-25 09:26 -------- d-----w- c:\program files\Alwil Software
2010-02-25 09:26 . 2010-02-25 09:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Alwil Software
2010-02-24 13:11 . 2006-02-28 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
2010-02-16 14:08 . 2006-02-28 12:00 2146304 ----a-w- c:\windows\system32\ntoskrnl.exe
2010-02-16 13:25 . 2004-08-03 22:59 2024448 ----a-w- c:\windows\system32\ntkrnlpa.exe
2010-02-12 04:33 . 2006-02-28 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
2010-02-11 12:02 . 2006-02-28 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
2010-02-05 10:20 . 2009-12-20 16:20 389784 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\UpdateManager.dll
2010-02-05 10:20 . 2009-12-20 16:19 823928 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\Ad-AwareAdmin.exe
2010-02-05 10:20 . 2009-12-20 16:19 1181328 ----a-w- c:\documents and settings\All Users\Application Data\Lavasoft\Ad-Aware\Update\AAWService.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]
"Google Update"="c:\documents and settings\Zdeno\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" [2009-12-13 133104]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-09-04 81920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2005-09-22 14854144]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-08-27 8466432]
"nwiz"="nwiz.exe" [2007-08-27 1626112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-08-27 81920]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-04-14 2790472]
"NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 153136]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\Danka\Start Menu\Programs\Startup\
OpenOffice.org 3.1.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2009-5-15 384512]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
2009-12-13 20:26 133104 ----atw- c:\documents and settings\Zdeno\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
2007-03-11 20:34 49152 ----a-w- c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ------w- c:\program files\Messenger\msmsgs.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"h:\\Games\\World of Warcraft\\WoW-3.2.0-enUS-downloader.exe"=
"h:\\Games\\World of Warcraft\\Launcher.exe"=
"h:\\Games\\World of Warcraft\\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"=
"h:\\Games\\WarCraft3FrozenThrone\\Warcraft III\\Warcraft III.exe"=
"h:\\Games\\CS\\hl.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"h:\\Games\\World of Warcraft\\WoW-3.2.2.10505-to-3.3.0.10958-enUS-downloader.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:Blizzard Downloader: 3724

R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [20.12.2009 18:20 64288]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [25.2.2010 11:26 162768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [25.2.2010 11:26 19024]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [2.12.2009 15:19 1181328]
S0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [29.12.2009 18:14 691696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder

2010-04-18 c:\windows\Tasks\Ad-Aware Update (Daily 1).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 10:20]

2010-04-18 c:\windows\Tasks\Ad-Aware Update (Daily 2).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 10:20]

2010-04-18 c:\windows\Tasks\Ad-Aware Update (Daily 3).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 10:20]

2010-04-18 c:\windows\Tasks\Ad-Aware Update (Daily 4).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 10:20]

2010-04-18 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-12-02 10:20]

2010-04-15 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-839522115-725345543-1004Core.job
- c:\documents and settings\Zdeno\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-13 20:26]

2010-04-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-839522115-725345543-1004UA.job
- c:\documents and settings\Zdeno\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-13 20:26]
.
- - - - ORPHANS REMOVED - - - -

HKCU-Run-OEXPRESS - (no file)
MSConfigStartUp-ICQ - c:\program files\ICQ6.5\ICQ.exe
MSConfigStartUp-nod32kui - c:\program files\Eset\nod32kui.exe

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-04-18 10:34
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2010-04-18 10:35:32
ComboFix-quarantined-files.txt 2010-04-18 08:35

Pre-Run: 1 132 924 928 bytes free
Post-Run: 2 047 840 256 bytes free

- - End Of File - - 149B91D60A55465328FAFD5E03795164

Blackoo · #20 Příspěvek od **Blackoo** » 19 dub 2010 17:58

chceli ste nieco ine ?

#21 Příspěvek od **Diallix** » 19 dub 2010 18:59

Este poprosim log z gmeru. Dal si len z combofixu

Blackoo · #22 Příspěvek od **Blackoo** » 20 dub 2010 21:08

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit quick scan 2010-04-20 21:30:48
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Zdeno\LOCALS~1\Temp\uxtdypog.sys

---- System - GMER 1.0.15 ----

SSDT spxb.sys ZwEnumerateKey [0xBA6CDDA4]
SSDT spxb.sys ZwEnumerateValueKey [0xBA6CE132]

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xB3CBD50A]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xB3CBD32E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xB3CBD468]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
Device \FileSystem\Ntfs \Ntfs 89DE21F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

---- EOF - GMER 1.0.15 ----

Blackoo · #23 Příspěvek od **Blackoo** » 20 dub 2010 21:08

GMER 1.0.15.15281 - http://www.gmer.net
Rootkit scan 2010-04-20 22:04:05
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\Zdeno\LOCALS~1\Temp\uxtdypog.sys

---- System - GMER 1.0.15 ----

SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xB3CB0C08]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xB3CB0AC4]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteKey [0xB3CB1078]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xB3CB0FA2]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xB3CB069A]
SSDT spxb.sys ZwEnumerateKey [0xBA6CDDA4]
SSDT spxb.sys ZwEnumerateValueKey [0xBA6CE132]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xB3CB0B9E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xB3CB05DA]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xB3CB063E]
SSDT spxb.sys ZwQueryKey [0xBA6CE20A]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xB3CB0CBE]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRenameKey [0xB3CB1146]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xB3CB0C7E]
SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xB3CB0DFE]

INT 0x62 ? 89DE3BF8
INT 0x63 ? 89BC3BF8
INT 0x73 ? 89BC3BF8
INT 0x73 ? 89BC3BF8
INT 0x83 ? 89DE3BF8
INT 0x94 ? 89BC3BF8
INT 0xA4 ? 89BC3BF8

Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateProcessEx [0xB3CBD50A]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateSection [0xB3CBD32E]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwLoadDriver [0xB3CBD468]
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) NtCreateSection
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObInsertObject
Code \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ObMakeTemporaryObject

---- Kernel code sections - GMER 1.0.15 ----

PAGE ntkrnlpa.exe!ZwLoadDriver 8058413A 7 Bytes JMP B3CBD46C \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!NtCreateSection 805AB38E 7 Bytes JMP B3CBD332 \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObMakeTemporaryObject 805BC502 5 Bytes JMP B3CB94AA \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ObInsertObject 805C2F86 5 Bytes JMP B3CBA97E \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
PAGE ntkrnlpa.exe!ZwCreateProcessEx 805D1134 7 Bytes JMP B3CBD50E \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software)
? spxb.sys Systém nemôže nájsť zadaný súbor. !
.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB7ACD360, 0x300037, 0xE8000020]
.text USBPORT.SYS!DllUnload B7AAD8AC 5 Bytes JMP 89BC31D8
.text a3qlk60g.SYS B79E2386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...]
.text a3qlk60g.SYS B79E23AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...]
.text a3qlk60g.SYS B79E23C4 3 Bytes [00, 80, 02]
.text a3qlk60g.SYS B79E23C9 1 Byte [30]
.text a3qlk60g.SYS B79E23C9 11 Bytes [30, 00, 00, 00, 5E, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESI; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL}
.text ...

---- Kernel IAT/EAT - GMER 1.0.15 ----

IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [BA6B6042] spxb.sys
IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [BA6B613E] spxb.sys
IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [BA6B60C0] spxb.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [BA6B6800] spxb.sys
IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [BA6B66D6] spxb.sys
IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [BA6C5B90] spxb.sys
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!KfAcquireSpinLock] 18C4830E
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!READ_PORT_UCHAR] 1C959E88
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!KeGetCurrentIrql] 9E880000
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!KfRaiseIrql] 00001CB1
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!KfLowerIrql] 0E798366
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!HalGetInterruptVector] 74AAB000
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!HalTranslateBusAddress] 8986C636
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!KeStallExecutionProcessor] 1A00001C
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!KfReleaseSpinLock] 1C8B86C6
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] C6020000
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!READ_PORT_USHORT] 001C9686
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 86C60200
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[HAL.dll!WRITE_PORT_UCHAR] 00001CB2
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[WMILIB.SYS!WmiSystemControl] 8800001C
IAT \SystemRoot\System32\Drivers\a3qlk60g.SYS[WMILIB.SYS!WmiCompleteRequest] 001CB99E

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\WINDOWS\system32\services.exe[684] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 003E0002
IAT C:\WINDOWS\system32\services.exe[684] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 003E0000

---- Devices - GMER 1.0.15 ----

Device \FileSystem\Ntfs \Ntfs aswSP.SYS (avast! self protection module/ALWIL Software)
Device \FileSystem\Ntfs \Ntfs 89DE21F8

AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software)
AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbohci \Device\USBPDO-0 89BC1468
Device \Driver\sptd \Device\2636425442 spxb.sys
Device \Driver\usbohci \Device\USBPDO-1 89BC1468
Device \Driver\PCI_PNP5442 \Device\00000052 spxb.sys
Device \Driver\usbohci \Device\USBPDO-2 89BC1468
Device \Driver\usbohci \Device\USBPDO-3 89BC1468
Device \Driver\usbohci \Device\USBPDO-4 89BC1468

AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbehci \Device\USBPDO-5 89B831F8
Device \Driver\Ftdisk \Device\HarddiskVolume1 89E541F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{062F33E1-8EF3-48D0-BC6F-EFCB4CAC28D3} 895161F8
Device \Driver\Ftdisk \Device\HarddiskVolume2 89E541F8
Device \Driver\Cdrom \Device\CdRom0 89B671F8
Device \Driver\Cdrom \Device\CdRom1 89B671F8
Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-3 [BA62FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort0 [BA62FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort1 [BA62FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort2 [BA62FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdePort3 [BA62FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\atapi \Device\Ide\IdeDeviceP2T0L0-12 [BA62FB40] atapi.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX}
Device \Driver\NetBT \Device\NetBt_Wins_Export 895161F8
Device \Driver\NetBT \Device\NetbiosSmb 895161F8
Device \Driver\NetBT \Device\NetBT_Tcpip_{657AC66F-0713-4156-A276-BD3417398134} 895161F8
Device \Driver\usbstor \Device\00000088 898151F8

AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbstor \Device\00000089 898151F8

AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software)

Device \Driver\usbohci \Device\USBFDO-0 89BC1468
Device \Driver\usbohci \Device\USBFDO-1 89BC1468
Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8956C1F8
Device \Driver\usbohci \Device\USBFDO-2 89BC1468
Device \FileSystem\MRxSmb \Device\LanmanRedirector 8956C1F8
Device \Driver\usbohci \Device\USBFDO-3 89BC1468
Device \Driver\usbohci \Device\USBFDO-4 89BC1468
Device \Driver\Ftdisk \Device\FtControl 89E541F8
Device \Driver\usbstor \Device\0000008a 898151F8
Device \Driver\usbehci \Device\USBFDO-5 89B831F8
Device \Driver\usbstor \Device\0000008b 898151F8
Device \Driver\usbstor \Device\0000008c 898151F8
Device \Driver\a3qlk60g \Device\Scsi\a3qlk60g1 89AE41F8
Device \Driver\a3qlk60g \Device\Scsi\a3qlk60g1Port4Path0Target0Lun0 89AE41F8
Device \FileSystem\Cdfs \Cdfs 898B7500

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x18 0x71 0x60 0x38 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB4 0x67 0x9F 0x24 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x3F 0xC2 0xF2 0x45 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@u0 0xD4 0xC3 0x97 0x02 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x18 0x71 0x60 0x38 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0xB4 0x67 0x9F 0x24 ...
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x3F 0xC2 0xF2 0x45 ...

---- EOF - GMER 1.0.15 ----

Blackoo · #24 Příspěvek od **Blackoo** » 20 dub 2010 21:11

po dokonceni scanu, ked som zavrel GMER mi nahodilo modru obrazovku .. isiel len reset... a pri zapinani mi dalo moznost spustit Windows recovery console a normalny start Windowsu

#25 Příspěvek od **motji** » 21 dub 2010 21:42

Dobrý večer, záskok za kolegu

Ted to vypadá s počítačem jak?

Blackoo · #26 Příspěvek od **Blackoo** » 22 dub 2010 05:46

dobry

no stav PC sa urcite zlepsil:) ale aj tak este obcas niekedy zamrzne... nieje to vsak uz take caste

#27 Příspěvek od **motji** » 22 dub 2010 06:42

Abych nezapoměla - recovery konzole se nainstalovala spolu s combofixem. Pokud ji nechcete, můžeme ji odinstalovat.

Logy jsou v pořádku. Nevšiml jste si, kdy počítač zamrzá? Když máte spuštěno více programů a pod?
Zkusíme ho ještě trochu pročistit a uvidíme. Máte málo místa na disku
System drive C: has 2 GB (9%), chtělo by to udělat místo alespon na 4-5Gb.

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

Odinstalujte combofix přes Start - Spustit
- zkopírujte do okénka:

ComboFix /Uninstall

-stiskněte Enter
-To odinstaluje ComboFix a smaže s ním související soubory a složky.

***********

Stáhněte T-Cleaner
http://sweb.cz/Marinus/T-Cleaner.exe

-Spusťte,pro potvrzení volby mačkejte klávesu A, Enter
-po použití prográmek vymažte.Pozor,antiviry ho mohou falešně označit za vir

***********

Z mého podpisu stahněte Ccleaner
- nainstalujte, při výběru, co se má nainstalovat, dejte pryč fajfku u instalace yahoo toolbaru

Obrázek

záložka čistič
- nechejte v levém sloupečku zatrhnuté vše jak je, klikněte na analyzovat
- po analýze klikněte na Spustit Ccleaner

Obrázek

záložka Registry
- klikněte na hledej problémy
- pak klikněte na opravit vybrané problémy -- udělat zálohu registrů - nemusíte
- kliknete opravit všechny problémy

ok

zavřít

Záložka Nástroje
- zde můžete odinstalovat programy. Je to důkladnější odinstalace než u přidat/odebrat programy ve Windows.

Ccleaner - čistič doporučuji používat, krásně pročistí pc od dočasných souborů.
Registry pročistí třeba po odinstalaci nějakého programu.

***********

Stahněte OTC a použijte
http://oldtimer.geekstogo.com/OTC.exe
-vyčistí tempy a po použitých programech

***********

Vložte nový log ze RSIT a řekněte co počítač, jak se chová, už je vše v pořádku?

vyčistění disku
start-spustit - napište cleanmgr - ok..ok
-dát fajfku temporary ,,,offline,,koš,,,dočasné soubory - ok,

start-spustit - napište cleanmgr - ok..ok
-další možnosti - obnovení systému - vyčistit - ok

start-spustit - napište chkdsk /f/r
-[enter]
souhlas - restartuje se pc a nechá se disk zkontrolovat

defragmentace disku
- start - ovládací panely - nástroje pro správu - správa počítače - defragmentace disku

-- můžete použít i jiný nástroj na defragmentaci, ten ve windows není nic moc

Obrázek

Za sebe můžu doporučit JK defrag, který se neinstaluje
http://www.stahuj.centrum.cz/utility_a_ ... g[oz]=3.36

Blackoo · #28 Příspěvek od **Blackoo** » 22 dub 2010 19:56

Logfile of random's system information tool 1.06 (written by random/random)
Run by Zdeno at 2010-04-22 20:54:17
Systém Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 5 GB (24%) free of 20 GB
Total RAM: 2047 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:54:25, on 22.4.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Zdeno\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Zdeno\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Documents and Settings\Zdeno\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\Zdeno.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Zdeno\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5052 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Ad-Aware Update (Daily 1).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 2).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 3).job
C:\WINDOWS\tasks\Ad-Aware Update (Daily 4).job
C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-839522115-725345543-1004Core.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1715567821-839522115-725345543-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll [2007-03-02 1298024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{053F9267-DC04-4294-A72C-58F732D338C0}]
HP Print Clips - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll [2007-03-02 177768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-04 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2009-11-24 953800]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2005-09-22 14854144]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2007-08-28 8466432]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2007-08-28 81920]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"avast5"=C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe [2010-04-14 2790472]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2009-10-30 369200]
"Google Update"=C:\Documents and Settings\Zdeno\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-13 133104]
"NVIDIA nTune"=C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe [2007-09-04 81920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Zdeno\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2009-12-13 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-03-11 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
C:\PROGRA~1\HP\DIGITA~1\bin\hpqtra08.exe [2007-03-11 210520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"H:\Games\World of Warcraft\WoW-3.2.0-enUS-downloader.exe"="H:\Games\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"H:\Games\World of Warcraft\Launcher.exe"="H:\Games\World of Warcraft\Launcher.exe:*:Enabled:Blizzard Launcher"
"H:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe"="H:\Games\World of Warcraft\WoW-3.1.3.9947-to-3.2.0.10192-enUS-downloader.exe:*:Enabled:Blizzard Downloader"
"H:\Games\WarCraft3FrozenThrone\Warcraft III\Warcraft III.exe"="H:\Games\WarCraft3FrozenThrone\Warcraft III\Warcraft III.exe:*:Enabled:Warcraft III"
"H:\Games\CS\hl.exe"="H:\Games\CS\hl.exe:*:Enabled:Half-Life Launcher"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe:*:Enabled:BlueSoleil"
"H:\Games\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enUS-downloader.exe"="H:\Games\World of Warcraft\WoW-3.2.2.10505-to-3.3.0.10958-enUS-downloader.exe:*:Enabled:Blizzard Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-04-22 20:54:17 ----D---- C:\rsit
2010-04-22 20:54:17 ----D---- C:\Program Files\trend micro
2010-04-22 20:44:10 ----SHD---- C:\RECYCLER
2010-04-22 20:42:26 ----D---- C:\Program Files\CCleaner
2010-04-18 10:27:08 ----A---- C:\Boot.bak
2010-04-18 10:27:03 ----RASHD---- C:\cmdcons
2010-04-15 16:00:17 ----D---- C:\Program Files\Lavalys
2010-04-14 23:12:59 ----D---- C:\Documents and Settings\Zdeno\Application Data\Malwarebytes
2010-04-14 23:12:49 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-04-14 23:12:48 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-04-14 21:59:59 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-04-14 21:59:50 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-04-14 21:58:41 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-04-14 21:58:33 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-04-14 21:58:28 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-04-14 21:58:21 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-04-14 21:58:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-04-13 19:42:21 ----D---- C:\PFiles
2010-04-13 12:59:31 ----N---- C:\WINDOWS\system32\browserchoice.exe
2010-04-02 13:54:08 ----D---- C:\Program Files\NVIDIA Corporation
2010-04-02 13:53:30 ----D---- C:\Program Files\NVIDIA nTune Performance Application
2010-03-31 18:58:01 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$

======List of files/folders modified in the last 1 months======

2010-04-22 20:54:25 ----D---- C:\WINDOWS\Prefetch
2010-04-22 20:54:17 ----RD---- C:\Program Files
2010-04-22 20:53:58 ----SD---- C:\WINDOWS\Tasks
2010-04-22 20:53:56 ----D---- C:\WINDOWS\Temp
2010-04-22 20:52:52 ----D---- C:\WINDOWS\system32\Lang
2010-04-22 20:52:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-04-22 20:47:58 ----D---- C:\WINDOWS
2010-04-22 20:46:50 ----D---- C:\WINDOWS\system32\CatRoot2
2010-04-22 20:44:10 ----D---- C:\WINDOWS\Minidump
2010-04-22 20:44:10 ----D---- C:\WINDOWS\Debug
2010-04-22 20:40:20 ----SHD---- C:\System Volume Information
2010-04-22 20:40:20 ----D---- C:\WINDOWS\system32\Restore
2010-04-22 20:36:33 ----A---- C:\WINDOWS\NeroDigital.ini
2010-04-21 18:10:04 ----A---- C:\WINDOWS\WDICT32.INI
2010-04-18 10:34:45 ----A---- C:\WINDOWS\system.ini
2010-04-18 10:32:42 ----D---- C:\WINDOWS\system32
2010-04-18 10:32:06 ----D---- C:\WINDOWS\system32\drivers
2010-04-18 10:32:06 ----D---- C:\WINDOWS\AppPatch
2010-04-18 10:32:03 ----D---- C:\Program Files\Common Files
2010-04-18 10:27:08 ----RASH---- C:\boot.ini
2010-04-17 22:37:14 ----A---- C:\WINDOWS\win.ini
2010-04-16 14:08:07 ----D---- C:\Config.Msi
2010-04-16 13:04:21 ----SHD---- C:\WINDOWS\Installer
2010-04-14 23:08:20 ----D---- C:\Program Files\ESET
2010-04-14 22:00:03 ----HD---- C:\WINDOWS\inf
2010-04-14 22:00:02 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-04-14 21:59:56 ----HD---- C:\WINDOWS\$hf_mig$
2010-04-14 18:47:03 ----A---- C:\WINDOWS\system32\aswBoot.exe
2010-04-06 19:52:54 ----A---- C:\WINDOWS\system32\MRT.exe
2010-04-02 13:54:25 ----HD---- C:\Program Files\InstallShield Installation Information
2010-04-02 13:53:52 ----D---- C:\Program Files\Common Files\InstallShield
2010-03-28 10:33:54 ----AC---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-03-27 13:05:09 ----D---- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2010-04-14 28880]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2010-04-14 162768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2010-04-14 46672]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2010-04-14 19024]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2010-04-14 100432]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2010-04-14 23376]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2007-08-28 6811168]
R3 NVR0Dev;NVR0Dev; \??\C:\WINDOWS\nvoclock.sys []
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2006-02-28 5888]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-03-08 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-03-08 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-03-08 21568]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-12-29 691696]
S4 WS2IFSL;Prostredie podpory poskytovateľa služby Windows Socket 2.0 Non-IFS Service; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2010-02-05 1181328]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 nTuneService;nTune Service; C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe [2007-09-04 131072]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2007-08-28 155716]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2010-04-14 40384]
R3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]

-----------------EOF-----------------

#29 Příspěvek od **motji** » 22 dub 2010 20:31

odinstalujte DAEMON Tools Toolbar

Jak to vypadá s počítačem?

Blackoo · #30 Příspěvek od **Blackoo** » 24 dub 2010 21:23

s PC je to ovela lepsie:) ... za posledne tri dni mi zamrzol asi raz

:) uvidime ako bude dalej

VIRY.CZ

PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza

Re: PC zamrza