Prośba– sprawdzenie loga
Logfile of HijackThis v1.99.1
Scan saved at 15:04:07, on 2005–12–31
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\SYSTEM32\Ati2evxx.exe
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\D–Tools\daemon.exe
D:\PROGRA~1\NEOSTR~1\CnxMon.exe
D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
D:\PROGRA~1\DAP\DAP.EXE
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\rundll32.exe
D:\net\programy\tipsy\keylogger\logger.exe
D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
D:\Program Files\QuickTime\qttask.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
D:\PROGRA~1\NEOSTR~1\NeostradaTP.exe
D:\PROGRA~1\NEOSTR~1\ComComp.exe
D:\PROGRA~1\NEOSTR~1\Watch.exe
D:\WINDOWS\explorer.exe
D:\Program Files\SmartBarXP BETA4.4\SmartBar XP.exe
D:\Program files\Opera\Opera.exe
D:\net\programy\forum\hijackthis\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.slysoft.com/purchase.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – D:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
R3 – URLSearchHook: (no name) – {00A6FAF6–072E–44cf–8957–5838F569A31D} – D:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 – BHO: MyWebSearch Search Assistant BHO – {00A6FAF1–072E–44cf–8957–5838F569A31D} – D:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – D:\PROGRAMY– wspólne dla dwóch systemów\Adobe Reader 6\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: mwsBar BHO – {07B18EA1–A523–4961–B6BB–170DE4475CCA} – D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 – BHO: URLLink – {4A2AACF3–ADF6–11D5–98A9–00E018981B9E} – D:\Program Files\NewDotNet\newdotnet6_98.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 – HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [DAEMON Tools–1033] "D:\Program Files\D–Tools\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [WooCnxMon] D:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 – HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe
O4 – HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 – HKLM\..\Run: [DownloadAccelerator] D:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 – HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [New.net Startup] rundll32 D:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup –s
O4 – HKLM\..\Run: [watch] "D:\net\programy\tipsy\keylogger\logger.exe" /ukryj /lbl:SYSTEM
O4 – HKLM\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 – HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 – HKCU\..\Run: [SmartBarXP] D:\Program Files\SmartBarXP BETA4.4\SmartBar XP.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "D:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: DSLMON.lnk = D:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O8 – Extra context menu item: &Download with &DAP – D:\PROGRA~1\DAP\dapextie.htm
O8 – Extra context menu item: &Search – http://bar.mywebsearch.com/menusearch.html?p=ZRxdm103YYPL
O8 – Extra context menu item: Download &all with DAP – D:\PROGRA~1\DAP\dapextie2.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://D:\PROGRA~2\Office\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Messenger – –{FB5F1910–F110–11d2–BB9E–00C04F795683} – D:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – –{FB5F1910–F110–11d2–BB9E–00C04F795683} – D:\Program Files\Messenger\msmsgs.exe
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – D:\PROGRA~1\DAP\DAP.EXE
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – D:\PROGRA~2\Office\OFFICE11\REFIEBAR.DLL
O9 – Extra button: eBay – Homepage – {EF79EAC5–3452–4E02–B8BD–BA4C89F1AC7A} – D:\Program Files\IrfanView\Ebay\Ebay.htm
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O16 – DPF: {01347765–1965–426B–91A4–AA6BB342B9A3} (InstallerObj Class) – http://www.1–click.com/common/files/installer–hidden–test.cab
O16 – DPF: {1D4DB7D2–6EC9–47A3–BD87–1E41684E07BB} – http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversFWBInitialSetup1.0.0.15.cab
O16 – DPF: {2A781DED–C22D–4153–9812–CEA98A32981C} (GameDesire Makao) – http://67.15.101.3/g_bin/pl/cardsmakao_2_0_0_20.cab
O16 – DPF: {8FCDF9D9–A28B–480F–8C3D–581F119A8AB8} (MediaGatewayX) – http://static.zangocash.com/cab/180solutions/ie/bridge–c580.cab
O16 – DPF: {A6212120–01D4–11D5–9A39–0080C8D85044} (GameDesire Slots 70th) – http://67.15.101.3/g_bin/pl/slots70_2_0_0_26.cab
O16 – DPF: {AB8638BB–79E8–4E9D–ABF2–8F33054E3941} (Guesser Class) – http://czat.onet.pl/client/kalambury/NetPunGame1.dll
O16 – DPF: {DE625294–70E6–45ED–B895–CFFA13AEB044} (AxisMediaControlEmb Class) – http://216.80.46.49:60173/activex/AMC.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{86977B1F–EE3B–475F–8900–6AB29213B6DB}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – D:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – D:\WINDOWS\system32\ati2sgag.exe
O23 – Service: avast! Antivirus – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: Power Manager (PowerManager) – Unknown owner – D:\WINDOWS\svchost.exe
Niby na moim kompie nic dziwnego się nie dzieje, ale tak profilaktycznie chciałem sprawdzić.Na http://www.hijackthis.de/en około 15 wpisów zostało uznanych za Nasty, a kolejne jakieś 10 za Possibly nasty.
Scan saved at 15:04:07, on 2005–12–31
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
D:\WINDOWS\SYSTEM32\Ati2evxx.exe
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\D–Tools\daemon.exe
D:\PROGRA~1\NEOSTR~1\CnxMon.exe
D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
D:\PROGRA~1\DAP\DAP.EXE
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\system32\rundll32.exe
D:\net\programy\tipsy\keylogger\logger.exe
D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
D:\Program Files\QuickTime\qttask.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
D:\PROGRA~1\NEOSTR~1\NeostradaTP.exe
D:\PROGRA~1\NEOSTR~1\ComComp.exe
D:\PROGRA~1\NEOSTR~1\Watch.exe
D:\WINDOWS\explorer.exe
D:\Program Files\SmartBarXP BETA4.4\SmartBar XP.exe
D:\Program files\Opera\Opera.exe
D:\net\programy\forum\hijackthis\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.slysoft.com/purchase.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – D:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
R3 – URLSearchHook: (no name) – {00A6FAF6–072E–44cf–8957–5838F569A31D} – D:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 – BHO: MyWebSearch Search Assistant BHO – {00A6FAF1–072E–44cf–8957–5838F569A31D} – D:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – D:\PROGRAMY– wspólne dla dwóch systemów\Adobe Reader 6\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: mwsBar BHO – {07B18EA1–A523–4961–B6BB–170DE4475CCA} – D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 – BHO: URLLink – {4A2AACF3–ADF6–11D5–98A9–00E018981B9E} – D:\Program Files\NewDotNet\newdotnet6_98.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 – HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [DAEMON Tools–1033] "D:\Program Files\D–Tools\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [WooCnxMon] D:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 – HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe
O4 – HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 – HKLM\..\Run: [DownloadAccelerator] D:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 – HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [New.net Startup] rundll32 D:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup –s
O4 – HKLM\..\Run: [watch] "D:\net\programy\tipsy\keylogger\logger.exe" /ukryj /lbl:SYSTEM
O4 – HKLM\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 – HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 – HKCU\..\Run: [SmartBarXP] D:\Program Files\SmartBarXP BETA4.4\SmartBar XP.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "D:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: DSLMON.lnk = D:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O8 – Extra context menu item: &Download with &DAP – D:\PROGRA~1\DAP\dapextie.htm
O8 – Extra context menu item: &Search – http://bar.mywebsearch.com/menusearch.html?p=ZRxdm103YYPL
O8 – Extra context menu item: Download &all with DAP – D:\PROGRA~1\DAP\dapextie2.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://D:\PROGRA~2\Office\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Messenger – –{FB5F1910–F110–11d2–BB9E–00C04F795683} – D:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – –{FB5F1910–F110–11d2–BB9E–00C04F795683} – D:\Program Files\Messenger\msmsgs.exe
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – D:\PROGRA~1\DAP\DAP.EXE
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – D:\PROGRA~2\Office\OFFICE11\REFIEBAR.DLL
O9 – Extra button: eBay – Homepage – {EF79EAC5–3452–4E02–B8BD–BA4C89F1AC7A} – D:\Program Files\IrfanView\Ebay\Ebay.htm
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O16 – DPF: {01347765–1965–426B–91A4–AA6BB342B9A3} (InstallerObj Class) – http://www.1–click.com/common/files/installer–hidden–test.cab
O16 – DPF: {1D4DB7D2–6EC9–47A3–BD87–1E41684E07BB} – http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversFWBInitialSetup1.0.0.15.cab
O16 – DPF: {2A781DED–C22D–4153–9812–CEA98A32981C} (GameDesire Makao) – http://67.15.101.3/g_bin/pl/cardsmakao_2_0_0_20.cab
O16 – DPF: {8FCDF9D9–A28B–480F–8C3D–581F119A8AB8} (MediaGatewayX) – http://static.zangocash.com/cab/180solutions/ie/bridge–c580.cab
O16 – DPF: {A6212120–01D4–11D5–9A39–0080C8D85044} (GameDesire Slots 70th) – http://67.15.101.3/g_bin/pl/slots70_2_0_0_26.cab
O16 – DPF: {AB8638BB–79E8–4E9D–ABF2–8F33054E3941} (Guesser Class) – http://czat.onet.pl/client/kalambury/NetPunGame1.dll
O16 – DPF: {DE625294–70E6–45ED–B895–CFFA13AEB044} (AxisMediaControlEmb Class) – http://216.80.46.49:60173/activex/AMC.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{86977B1F–EE3B–475F–8900–6AB29213B6DB}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – D:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – D:\WINDOWS\system32\ati2sgag.exe
O23 – Service: avast! Antivirus – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: Power Manager (PowerManager) – Unknown owner – D:\WINDOWS\svchost.exe
Niby na moim kompie nic dziwnego się nie dzieje, ale tak profilaktycznie chciałem sprawdzić.Na http://www.hijackthis.de/en około 15 wpisów zostało uznanych za Nasty, a kolejne jakieś 10 za Possibly nasty.
Odpowiedzi: 4
Jeszcze ściągnij sobie LSP–fix. Zaznacz tam opcję "i know what I'm doing" i przenieś "newdotnet6_98.dll" w okienko remove i naciśnij finish. Ale poza tym nic więcej nie ruszaj!
Wklej nowy log po wszystkim.
Wklej nowy log po wszystkim.
Jeszcze to:
O16 – DPF: {8FCDF9D9–A28B–480F–8C3D–581F119A8AB8} (MediaGatewayX) – http://static.zangocash.com/cab/180solutions/ie/bridge–c580.cab
Thx :wink: . Keylogger jest mój, tak coby wiedzieć kto co robi na kompie kiedy mnie niema :D
QDE:
D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
D:\net\programy\tipsy\keylogger\logger.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.slysoft.com/purchase.html
O2 – BHO: mwsBar BHO – {07B18EA1–A523–4961–B6BB–170DE4475CCA} – D:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 – BHO: URLLink – {4A2AACF3–ADF6–11D5–98A9–00E018981B9E} – D:\Program Files\NewDotNet\newdotnet6_98.dll
O4 – HKLM\..\Run: [New.net Startup] rundll32 D:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,ClientStartup –s
O4 – HKLM\..\Run: [watch] "D:\net\programy\tipsy\keylogger\logger.exe" /ukryj /lbl:SYSTEM
O4 – HKLM\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 – HKCU\..\Run: [MyWebSearch Email Plugin] D:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O10 – Hijacked Internet access by New.Net
O16 – DPF: {01347765–1965–426B–91A4–AA6BB342B9A3} (InstallerObj Class) – http://www.1–click.com/common/files/installer–hidden–test.cab
O16 – DPF: {1D4DB7D2–6EC9–47A3–BD87–1E41684E07BB} – http://ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversFWBInitialSetup1.0.0.15.cab
Wylatuje
Strona 1 / 1