otl txt
OTL logfile created on: 25.12.2013 17:41:01 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Documents and Settings\Kryton\Plocha
Windows XP Professional Edition Service Pack 2 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 6.0.2900.2180)
Locale: 00000405 | Country: Česká republika | Language: CSY | Date Format: d.M.yyyy
446,48 Mb Total Physical Memory | 159,72 Mb Available Physical Memory | 35,77% Memory free
1,03 Gb Paging File | 0,63 Gb Available in Paging File | 61,00% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 55,88 Gb Total Space | 41,06 Gb Free Space | 73,48% Space Free | Partition Type: NTFS
Computer Name: KRYTON | User Name: Kryton | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.12.25 17:37:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kryton\Plocha\OTL.exe
PRC - [2013.12.22 14:14:33 | 003,764,024 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2013.12.22 14:14:32 | 000,050,344 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2013.12.04 03:48:06 | 000,863,184 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Chrome\Application\chrome.exe
PRC - [2013.08.20 10:44:25 | 000,098,394 | ---- | M] (Synaptics, Inc.) -- C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
PRC - [2010.03.25 03:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2005.03.04 12:13:04 | 000,032,768 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\system32\Keyhook.exe
PRC - [2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
========== Modules (No Company Name) ==========
MOD - [2013.12.25 10:43:14 | 002,153,984 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\13122500\algo.dll
MOD - [2013.12.22 06:54:11 | 019,336,120 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\libcef.dll
MOD - [2013.12.04 03:48:04 | 000,399,312 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ppgooglenaclpluginchrome.dll
MOD - [2013.12.04 03:48:02 | 004,055,504 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\pdf.dll
MOD - [2013.12.04 03:47:08 | 001,619,408 | ---- | M] () -- C:\Program Files\Google\Chrome\Application\31.0.1650.63\ffmpegsumo.dll
========== Services (SafeList) ==========
SRV - File not found [Disabled | Stopped] -- %SystemRoot%\System32\hidserv.dll -- (HidServ)
SRV - [2013.12.22 14:14:32 | 000,050,344 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)
DRV - File not found [Kernel | On_Demand | Unknown] -- -- (TrueSight)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)
DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)
DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)
DRV - File not found [Kernel | On_Demand | Unknown] -- C:\DOCUME~1\Kryton\LOCALS~1\Temp\mbr.sys -- (mbr)
DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)
DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)
DRV - File not found [Kernel | System | Stopped] -- -- (Changer)
DRV - File not found [Kernel | On_Demand | Running] -- C:\ComboFix\catchme.sys -- (catchme)
DRV - [2013.12.22 14:14:39 | 000,775,952 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2013.12.22 14:14:39 | 000,410,528 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\aswSP.sys -- (aswSP)
DRV - [2013.12.22 14:14:39 | 000,180,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswVmm.sys -- (aswVmm)
DRV - [2013.12.22 14:14:39 | 000,067,824 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV - [2013.12.22 14:14:39 | 000,057,672 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2013.12.22 14:14:39 | 000,054,832 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2013.12.22 06:54:14 | 000,049,944 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\drivers\aswRvrt.sys -- (aswRvrt)
DRV - [2013.08.20 11:24:38 | 000,223,128 | ---- | M] () [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\dtscsi.sys -- (dtscsi)
DRV - [2013.08.20 11:17:21 | 000,664,064 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\sptd.sys -- (sptd)
DRV - [2013.08.20 10:37:51 | 001,270,540 | ---- | M] (Agere Systems) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AGRSM.sys -- (AgereSoftModem)
DRV - [2013.08.19 23:56:44 | 002,311,680 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ALCXWDM.SYS -- (ALCXWDM)
DRV - [2013.08.19 23:56:04 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisnicxp.sys -- (SISNICXP)
DRV - [2013.08.19 23:48:20 | 000,240,640 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2013.08.19 23:48:20 | 000,013,312 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2013.08.19 23:48:14 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\SISAGPX.SYS -- (SISAGP)
DRV - [2006.06.08 10:49:50 | 000,344,064 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\rt73.sys -- (RT73)
DRV - [2004.08.03 23:31:36 | 000,032,768 | ---- | M] (SiS Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisnic.sys -- (SISNIC)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" =
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\..\SearchScopes,DefaultScope =
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_152.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},
CHR - homepage:
http://www.seznam.cz/
CHR - Extension: Dokumenty Google = C:\Documents and Settings\Kryton\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Disk Google = C:\Documents and Settings\Kryton\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Documents and Settings\Kryton\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Vyhled\u00E1v\u00E1n\u00ED Google = C:\Documents and Settings\Kryton\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: avast! Online Security = C:\Documents and Settings\Kryton\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2011.70_0\
CHR - Extension: Pen\u011B\u017Eenka Google = C:\Documents and Settings\Kryton\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.0_0\
CHR - Extension: Gmail = C:\Documents and Settings\Kryton\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013.12.25 16:18:31 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O4 - HKLM..\Run: [AvastUI.exe] C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\Keyhook.exe (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SiSPower] C:\WINDOWS\System32\SiSPower.dll (Silicon Integrated Systems Corporation)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe (Synaptics, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra 'Tools' menuitem : ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files\ICQ7.7\ICQ.exe (ICQ, LLC.)
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Kryton\Nabídka Start\Programy\IMVU\Run IMVU.lnk File not found
O15 - HKLM\..Trusted Domains: localhost ([]http in Internet)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 109.238.32.52 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{48A87BAB-88F8-43AE-A2ED-07E9BEE29DD1}: DhcpNameServer = 109.238.32.52 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F7557FF-D2DF-42BA-877C-33C6F4329948}: DhcpNameServer = 109.238.32.52 8.8.8.8
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O24 - Desktop Components:0 (Aktuální domovská stránka) - About:Home
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2013.01.01 16:42:54 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
NetSvcs: 6to4 - File not found
NetSvcs: HidServ - %SystemRoot%\System32\hidserv.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
Drivers32: vidc.VP60 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.VP61 - C:\WINDOWS\system32\vp6vfw.dll (On2.com)
Drivers32: vidc.XVID - C:\WINDOWS\System32\xvid.dll ()
PhysicalDisk0 MBR saved to C:\PhysicalMBR.bin
========== Files/Folders - Created Within 30 Days ==========
[2013.12.25 17:37:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Kryton\Plocha\OTL.exe
[2013.12.25 16:32:37 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2013.12.25 16:31:09 | 000,000,000 | --SD | C] -- C:\ComboFix
[2013.12.25 16:21:18 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2013.12.25 09:45:33 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2013.12.25 09:39:10 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2013.12.25 09:39:10 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2013.12.25 09:39:10 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2013.12.25 09:39:10 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2013.12.25 09:38:59 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.12.25 09:38:52 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Kryton\Dokumenty\Filmy
[2013.12.25 09:38:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\erdnt
[2013.12.25 09:36:23 | 005,158,070 | R--- | C] (Swearware) -- C:\Documents and Settings\Kryton\Plocha\ComboFix.exe
[2013.12.24 15:58:31 | 000,004,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys.bak
[2013.12.24 15:58:30 | 000,079,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys.bak
[2013.12.24 15:58:30 | 000,058,112 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys.bak
[2013.12.24 15:58:29 | 000,142,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys.bak
[2013.12.24 15:58:28 | 000,023,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys.bak
[2013.12.24 15:58:28 | 000,016,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys.bak
[2013.12.24 15:58:28 | 000,004,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys.bak
[2013.12.24 15:58:27 | 000,023,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys.bak
[2013.12.24 15:58:27 | 000,021,376 | ---- | C] (Toshiba Corporation) -- C:\WINDOWS\System32\drivers\tsbvcap.sys.bak
[2013.12.24 15:58:27 | 000,012,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys.bak
[2013.12.24 15:58:26 | 000,223,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys.bak
[2013.12.24 15:58:26 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tosdvd.sys.bak
[2013.12.24 15:58:26 | 000,018,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys.bak
[2013.12.24 15:58:25 | 000,014,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys.bak
[2013.12.24 15:58:24 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sptd7533.sys.bak
[2013.12.24 15:58:24 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys.bak
[2013.12.24 15:58:24 | 000,013,312 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\srvkp.sys.bak
[2013.12.24 15:58:23 | 000,664,064 | ---- | C] (Duplex Secure Ltd.) -- C:\WINDOWS\System32\drivers\sptd.sys.bak
[2013.12.24 15:58:23 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\drivers\sisnicxp.sys.bak
[2013.12.24 15:58:23 | 000,032,768 | ---- | C] (SiS Corporation) -- C:\WINDOWS\System32\drivers\sisnic.sys.bak
[2013.12.24 15:58:23 | 000,025,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys.bak
[2013.12.24 15:58:23 | 000,014,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys.bak
[2013.12.24 15:58:22 | 000,240,640 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisgrp.sys.bak
[2013.12.24 15:58:22 | 000,036,992 | ---- | C] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\SISAGPX.SYS.bak
[2013.12.24 15:58:21 | 000,344,064 | ---- | C] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt73.sys.bak
[2013.12.24 15:58:21 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys.bak
[2013.12.24 15:58:20 | 000,200,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\RMCast.sys.bak
[2013.12.24 15:58:20 | 000,030,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys.bak
[2013.12.24 15:58:20 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\riodrv.sys.bak
[2013.12.24 15:58:20 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\rio8drv.sys.bak
[2013.12.24 15:58:19 | 000,034,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys.bak
[2013.12.24 15:58:17 | 000,145,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys.bak
[2013.12.24 15:58:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys.bak
[2013.12.24 15:58:16 | 000,003,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys.bak
[2013.12.24 15:58:15 | 000,088,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys.bak
[2013.12.24 15:58:15 | 000,063,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys.bak
[2013.12.24 15:58:15 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.bak
[2013.12.24 15:58:14 | 000,040,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys.bak
[2013.12.24 15:58:14 | 000,012,032 | ---- | C] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\nikedrv.sys.bak
[2013.12.24 15:58:11 | 000,072,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.sys.bak
[2013.12.24 15:58:09 | 000,140,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys.bak
[2013.12.24 15:58:09 | 000,063,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys.bak
[2013.12.24 15:58:09 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys.bak
[2013.12.24 15:58:09 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys.bak
[2013.12.24 15:58:06 | 000,036,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys.bak
[2013.12.24 15:58:06 | 000,024,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys.bak
[2013.12.24 15:58:05 | 000,012,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fsvga.sys.bak
[2013.12.24 15:58:04 | 000,223,128 | ---- | C] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys.bak
[2013.12.24 15:58:04 | 000,071,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys.bak
[2013.12.24 15:58:04 | 000,010,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys.bak
[2013.12.24 15:58:04 | 000,003,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys.bak
[2013.12.24 15:58:03 | 000,060,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys.bak
[2013.12.24 15:58:02 | 000,014,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys.bak
[2013.12.24 15:58:01 | 000,262,528 | ---- | C] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\cinemst2.sys.bak
[2013.12.24 15:58:01 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys.bak
[2013.12.24 15:58:01 | 000,011,776 | ---- | C] (Compaq Computer Corporation) -- C:\WINDOWS\System32\drivers\cpqdap01.sys.bak
[2013.12.24 15:58:00 | 000,014,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys.bak
[2013.12.24 15:57:59 | 000,352,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys.bak
[2013.12.24 15:57:59 | 000,055,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys.bak
[2013.12.24 15:57:59 | 000,031,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys.bak
[2013.12.24 15:57:57 | 000,040,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys.bak
[2013.12.24 15:57:56 | 002,311,680 | ---- | C] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS.bak
[2013.12.24 15:57:55 | 001,270,540 | ---- | C] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys.bak
[2013.12.24 15:56:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kryton\Plocha\RK_Quarantine
[2013.12.24 12:56:24 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2013.12.24 11:05:41 | 000,000,000 | RH-D | C] -- C:\Documents and Settings\Kryton\Recent
[2013.12.24 09:01:12 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kryton\Data aplikací\Malwarebytes
[2013.12.24 09:00:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Malwarebytes' Anti-Malware
[2013.12.24 09:00:45 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Malwarebytes
[2013.12.24 09:00:42 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2013.12.24 09:00:42 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2013.12.24 08:59:09 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kryton\Plocha\mbam-setup-1.75.0.1300 (1).exe
[2013.12.24 08:58:47 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kryton\Plocha\mbam-setup-1.75.0.1300.exe
[2013.12.24 08:47:14 | 000,000,000 | ---D | C] -- C:\Program Files\trend micro
[2013.12.24 08:31:13 | 000,000,000 | ---D | C] -- C:\rsit
[2013.12.22 06:55:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kryton\Data aplikací\AVAST Software
[2013.12.22 06:54:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Avast
[2013.12.22 06:54:21 | 000,057,672 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.12.22 06:54:20 | 000,410,528 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.12.22 06:54:19 | 000,775,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.12.22 06:54:19 | 000,067,824 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.12.22 06:54:18 | 000,054,832 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.12.22 06:54:15 | 000,270,240 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.12.22 06:54:11 | 000,043,152 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.12.22 06:53:23 | 000,000,000 | ---D | C] -- C:\Program Files\AVAST Software
[2013.12.21 16:19:00 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Common Files
[2013.12.21 16:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kryton\Local Settings\Data aplikací\MFAData
[2013.12.21 16:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
[2013.12.21 16:18:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kryton\Local Settings\Data aplikací\Avg2014
[2013.12.21 11:05:02 | 000,000,000 | ---D | C] -- C:\Program Files\VS Revo Group
[2013.12.20 18:18:16 | 000,000,000 | ---D | C] -- C:\sh4ldr
[2013.12.20 18:17:30 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Wise Installation Wizard
[2013.12.20 17:10:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kryton\Local Settings\Data aplikací\CRE
[2013.12.20 14:02:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Nabídka Start\Programy\Google Chrome
[2013.12.20 14:00:40 | 000,000,000 | ---D | C] -- C:\Program Files\Google
[2013.12.08 16:24:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kryton\Dokumenty\Simutrans
[2013.12.08 16:15:10 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Kryton\Nabídka Start\Programy\Simutrans
[2013.12.08 16:15:05 | 000,000,000 | ---D | C] -- C:\Program Files\Simutrans
[2013.12.06 17:01:47 | 000,000,000 | ---D | C] -- C:\Games
[2013.12.06 07:00:27 | 000,306,688 | ---- | C] (InstallShield Software Corporation) -- C:\WINDOWS\IsUninst.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.12.25 17:42:53 | 000,000,512 | ---- | M] () -- C:\PhysicalMBR.bin
[2013.12.25 17:37:50 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Kryton\Plocha\OTL.exe
[2013.12.25 16:18:31 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2013.12.25 16:18:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2013.12.25 16:18:20 | 468,242,432 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.25 09:45:41 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2013.12.25 09:37:22 | 005,158,070 | R--- | M] (Swearware) -- C:\Documents and Settings\Kryton\Plocha\ComboFix.exe
[2013.12.25 08:21:59 | 000,004,352 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\wmilib.sys.bak
[2013.12.25 08:21:58 | 000,079,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\videoprt.sys.bak
[2013.12.25 08:21:57 | 000,058,112 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\vdmindvd.sys.bak
[2013.12.25 08:21:56 | 000,142,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbport.sys.bak
[2013.12.25 08:21:56 | 000,016,000 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbintel.sys.bak
[2013.12.25 08:21:55 | 000,023,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd2.sys.bak
[2013.12.25 08:21:55 | 000,004,736 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbd.sys.bak
[2013.12.25 08:21:54 | 000,023,808 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usbcamd.sys.bak
[2013.12.25 08:21:54 | 000,012,672 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\usb8023.sys.bak
[2013.12.25 08:21:53 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tosdvd.sys.bak
[2013.12.25 08:21:53 | 000,021,376 | ---- | M] (Toshiba Corporation) -- C:\WINDOWS\System32\drivers\tsbvcap.sys.bak
[2013.12.25 08:21:52 | 000,018,560 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tdi.sys.bak
[2013.12.25 08:21:51 | 000,223,616 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tcpip6.sys.bak
[2013.12.25 08:21:50 | 000,014,976 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\tape.sys.bak
[2013.12.25 08:21:49 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\stream.sys.bak
[2013.12.25 08:21:48 | 000,013,312 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\srvkp.sys.bak
[2013.12.25 08:21:47 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sptd7533.sys.bak
[2013.12.25 08:21:46 | 000,025,472 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\sonydcam.sys.bak
[2013.12.25 08:21:45 | 000,032,768 | ---- | M] (SiS Corporation) -- C:\WINDOWS\System32\drivers\sisnicxp.sys.bak
[2013.12.25 08:21:45 | 000,032,768 | ---- | M] (SiS Corporation) -- C:\WINDOWS\System32\drivers\sisnic.sys.bak
[2013.12.25 08:21:45 | 000,014,592 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\smclib.sys.bak
[2013.12.25 08:21:44 | 000,240,640 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\sisgrp.sys.bak
[2013.12.25 08:21:44 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) -- C:\WINDOWS\System32\drivers\SISAGPX.SYS.bak
[2013.12.25 08:21:42 | 000,096,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\scsiport.sys.bak
[2013.12.25 08:21:41 | 000,344,064 | ---- | M] (Ralink Technology, Corp.) -- C:\WINDOWS\System32\drivers\rt73.sys.bak
[2013.12.25 08:21:41 | 000,200,064 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\RMCast.sys.bak
[2013.12.25 08:21:41 | 000,030,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rndismp.sys.bak
[2013.12.25 08:21:40 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\riodrv.sys.bak
[2013.12.25 08:21:40 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\rio8drv.sys.bak
[2013.12.25 08:21:38 | 000,034,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\rawwan.sys.bak
[2013.12.25 08:21:36 | 000,145,792 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\portcls.sys.bak
[2013.12.25 08:21:35 | 000,025,088 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\pciidex.sys.bak
[2013.12.25 08:21:34 | 000,003,456 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\oprghdlr.sys.bak
[2013.12.25 08:21:33 | 000,088,448 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkipx.sys.bak
[2013.12.25 08:21:33 | 000,063,232 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnknb.sys.bak
[2013.12.25 08:21:33 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nwlnkspx.sys.bak
[2013.12.25 08:21:31 | 000,040,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\nmnt.sys.bak
[2013.12.25 08:21:30 | 000,012,032 | ---- | M] (S3/Diamond Multimedia Systems) -- C:\WINDOWS\System32\drivers\nikedrv.sys.bak
[2013.12.25 08:21:25 | 000,072,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mqac.sys.bak
[2013.12.25 08:21:24 | 000,063,744 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mf.sys.bak
[2013.12.25 08:21:23 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys.bak
[2013.12.25 08:21:23 | 000,007,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\mcd.sys.bak
[2013.12.25 08:21:22 | 000,140,928 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\ks.sys.bak
[2013.12.25 08:21:16 | 000,036,224 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidclass.sys.bak
[2013.12.25 08:21:16 | 000,024,960 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\hidparse.sys.bak
[2013.12.25 08:21:15 | 000,012,160 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\fsvga.sys.bak
[2013.12.25 08:21:12 | 000,071,040 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxg.sys.bak
[2013.12.25 08:21:12 | 000,010,496 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxapi.sys.bak
[2013.12.25 08:21:12 | 000,003,328 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\dxgthk.sys.bak
[2013.12.25 08:21:11 | 000,223,128 | ---- | M] (DT Soft Ltd.) -- C:\WINDOWS\System32\drivers\dtscsi.sys.bak
[2013.12.25 08:21:11 | 000,060,288 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\drmk.sys.bak
[2013.12.25 08:21:08 | 000,014,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\diskdump.sys.bak
[2013.12.25 08:21:07 | 000,011,776 | ---- | M] (Compaq Computer Corporation) -- C:\WINDOWS\System32\drivers\cpqdap01.sys.bak
[2013.12.25 08:21:06 | 000,049,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\classpnp.sys.bak
[2013.12.25 08:21:05 | 000,262,528 | ---- | M] (RAVISENT Technologies Inc.) -- C:\WINDOWS\System32\drivers\cinemst2.sys.bak
[2013.12.25 08:21:02 | 000,352,256 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmuni.sys.bak
[2013.12.25 08:21:02 | 000,014,080 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\battc.sys.bak
[2013.12.25 08:21:01 | 000,055,936 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmlane.sys.bak
[2013.12.25 08:21:01 | 000,031,360 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\atmepvc.sys.bak
[2013.12.25 08:20:58 | 000,040,832 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\drivers\amdk6.sys.bak
[2013.12.25 08:20:56 | 002,311,680 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\ALCXWDM.SYS.bak
[2013.12.25 08:20:54 | 001,270,540 | ---- | M] (Agere Systems) -- C:\WINDOWS\System32\drivers\AGRSM.sys.bak
[2013.12.24 18:45:14 | 320,664,172 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x12-Vortex-CZdab-DVD.avi
[2013.12.24 18:25:04 | 407,294,304 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x10-Postupujte-k-domovu-CZdab-DVD.avi
[2013.12.24 17:56:13 | 325,329,174 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x09-Pasažér-CZdab-DVD.avi
[2013.12.24 17:06:44 | 301,951,944 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x08-Daxová-CZdab-DVD (1).avi
[2013.12.24 15:49:57 | 003,770,368 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\RogueKiller.exe
[2013.12.24 12:56:02 | 001,233,962 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\adwcleaner.exe
[2013.12.24 09:00:48 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Malwarebytes Anti-Malware.lnk
[2013.12.24 08:59:30 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kryton\Plocha\mbam-setup-1.75.0.1300 (1).exe
[2013.12.24 08:59:10 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Kryton\Plocha\mbam-setup-1.75.0.1300.exe
[2013.12.24 08:46:57 | 000,781,383 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\RSIT.exe
[2013.12.23 16:58:05 | 233,382,137 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x08-Daxová-CZdab-DVD.avi
[2013.12.23 15:45:58 | 330,378,292 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x07-Bez-Q-CZdab-DVD.avi
[2013.12.23 15:17:00 | 000,000,012 | ---- | M] () -- C:\Documents and Settings\Kryton\intlname.ols
[2013.12.23 14:07:47 | 000,013,824 | ---- | M] () -- C:\Documents and Settings\Kryton\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.12.22 14:14:44 | 000,000,316 | -H-- | M] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.12.22 14:14:39 | 000,775,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2013.12.22 14:14:39 | 000,410,528 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2013.12.22 14:14:39 | 000,180,248 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.12.22 14:14:39 | 000,067,824 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswMonFlt.sys
[2013.12.22 14:14:39 | 000,057,672 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2013.12.22 14:14:39 | 000,054,832 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2013.12.22 14:14:38 | 000,270,240 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2013.12.22 14:14:38 | 000,043,152 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2013.12.22 07:07:44 | 000,000,719 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\VLC media player.lnk
[2013.12.22 06:54:14 | 000,049,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.12.21 18:25:46 | 000,045,089 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\1387646732.bdinstall.bin
[2013.12.20 19:46:03 | 000,000,936 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cefdb3bc249d14.job
[2013.12.20 14:02:58 | 000,001,813 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
[2013.12.18 08:26:34 | 000,064,346 | ---- | M] () -- C:\Documents and Settings\Kryton\Plocha\34063181_720.jpg
[2013.12.09 15:47:51 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.12.25 17:42:53 | 000,000,512 | ---- | C] () -- C:\PhysicalMBR.bin
[2013.12.25 09:45:41 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2013.12.25 09:45:34 | 000,261,312 | RHS- | C] () -- C:\cmldr
[2013.12.25 09:39:10 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2013.12.25 09:39:10 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2013.12.25 09:39:10 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2013.12.25 09:39:10 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2013.12.25 09:39:10 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2013.12.24 18:27:10 | 320,664,172 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x12-Vortex-CZdab-DVD.avi
[2013.12.24 18:00:45 | 407,294,304 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x10-Postupujte-k-domovu-CZdab-DVD.avi
[2013.12.24 17:37:53 | 325,329,174 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x09-Pasažér-CZdab-DVD.avi
[2013.12.24 16:49:36 | 301,951,944 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x08-Daxová-CZdab-DVD (1).avi
[2013.12.24 15:49:50 | 003,770,368 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\RogueKiller.exe
[2013.12.24 12:55:55 | 001,233,962 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\adwcleaner.exe
[2013.12.24 09:00:48 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Malwarebytes Anti-Malware.lnk
[2013.12.24 08:46:54 | 000,781,383 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\RSIT.exe
[2013.12.23 16:21:20 | 233,382,137 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x08-Daxová-CZdab-DVD.avi
[2013.12.23 15:27:24 | 330,378,292 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\Star-Trek-Hluboký-vesmír-9-01x07-Bez-Q-CZdab-DVD.avi
[2013.12.22 06:54:41 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\tasks\avast! Emergency Update.job
[2013.12.22 06:54:20 | 000,180,248 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys
[2013.12.22 06:54:20 | 000,049,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswRvrt.sys
[2013.12.21 18:25:46 | 000,045,089 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\1387646732.bdinstall.bin
[2013.12.20 19:46:03 | 000,000,936 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1cefdb3bc249d14.job
[2013.12.20 14:02:57 | 000,001,813 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Plocha\Google Chrome.lnk
[2013.12.18 08:26:22 | 000,064,346 | ---- | C] () -- C:\Documents and Settings\Kryton\Plocha\34063181_720.jpg
[2013.08.26 07:30:49 | 000,013,824 | ---- | C] () -- C:\Documents and Settings\Kryton\Local Settings\Data aplikací\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.08.21 15:53:46 | 000,000,012 | ---- | C] () -- C:\Documents and Settings\Kryton\intlname.ols
[2013.08.20 16:01:45 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswVmm.sys.sum
[2013.08.20 16:01:45 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSP.sys.sum
[2013.08.20 16:01:45 | 000,000,175 | ---- | C] () -- C:\WINDOWS\System32\drivers\aswSnx.sys.sum
[2013.08.20 13:38:13 | 000,000,390 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.08.20 11:28:20 | 000,180,224 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2013.08.20 11:24:38 | 000,223,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\dtscsi.sys
[2013.08.20 11:17:21 | 000,096,256 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd7533.sys
[2013.08.19 23:57:10 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini
[2013.08.19 23:57:06 | 000,156,672 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2013.08.19 23:57:06 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\ChCfg.exe
[2013.08.19 23:57:04 | 000,001,240 | ---- | C] () -- C:\WINDOWS\System32\drivers\alcxinit.dat
[2013.08.19 23:48:43 | 000,083,997 | ---- | C] () -- C:\WINDOWS\VGAsetup.ini
[2013.08.19 23:48:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\InstFunc.exe
[2013.08.19 23:48:30 | 000,100,839 | ---- | C] () -- C:\WINDOWS\System32\VGAunistlog.ini
[2013.08.19 17:26:07 | 000,004,249 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2013.08.19 17:24:54 | 000,116,560 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2013.08.19 15:55:24 | 000,315,392 | ---- | C] () -- C:\WINDOWS\System32\AegisI5.exe
[2013.08.19 15:55:24 | 000,295,018 | ---- | C] () -- C:\WINDOWS\System32\Install7x.dll
[2013.08.19 15:55:24 | 000,002,048 | ---- | C] () -- C:\WINDOWS\System32\drivers\rt73.bin
[2013.08.19 15:46:26 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.19 15:38:30 | 000,021,812 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2013.08.19 15:00:25 | 000,313,208 | ---- | C] () -- C:\WINDOWS\System32\perfh005.dat
[2013.08.19 15:00:25 | 000,269,162 | ---- | C] () -- C:\WINDOWS\System32\perfi005.dat
[2013.08.19 15:00:25 | 000,047,404 | ---- | C] () -- C:\WINDOWS\System32\perfc005.dat
[2013.08.19 15:00:25 | 000,032,072 | ---- | C] () -- C:\WINDOWS\System32\perfd005.dat
[2013.08.19 14:41:29 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2013.08.19 14:40:12 | 000,314,706 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2013.08.19 14:40:12 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2013.08.19 14:40:12 | 000,041,034 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2013.08.19 14:40:12 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2013.08.19 14:38:37 | 000,004,463 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2013.08.19 14:36:01 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2013.08.19 14:35:19 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2013.08.19 14:32:49 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2013.08.19 14:32:47 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2013.08.19 14:32:05 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\ieencode.dll
[2013.08.19 14:31:36 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2013.08.19 14:30:58 | 000,001,788 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2013.06.09 07:02:06 | 000,410,504 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Data aplikací\FontCache3.0.0.0.dat
[2012.06.22 11:01:32 | 000,019,984 | ---- | C] () -- C:\WINDOWS\System32\ESGScanner.sys
========== ZeroAccess Check ==========
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shdocvw.dll -- [2004.08.17 14:49:18 | 001,483,776 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2004.08.17 14:49:08 | 000,472,064 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2004.08.17 14:49:20 | 000,273,920 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
========== LOP Check ==========
[2013.12.22 06:51:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\AVAST Software
[2013.09.05 12:24:07 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\CanonBJ
[2013.09.05 12:24:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\CanonIJMSetup
[2013.09.05 12:24:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\CanonIJWSpt
[2013.12.21 16:19:00 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Common Files
[2013.12.21 16:20:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\MFAData
[2013.09.13 07:29:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Data aplikací\Panda Security
[2013.12.22 06:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\AVAST Software
[2013.10.19 11:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\ICQ
[2013.09.19 15:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\ICQ-Profile
[2013.09.13 07:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\Panda Security
========== Purity Check ==========
========== Custom Scans ==========
< >
[2013.08.19 15:39:19 | 000,000,065 | RH-- | C] () -- C:\WINDOWS\Tasks\desktop.ini
[2013.08.19 15:47:49 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.12.20 19:46:03 | 000,000,936 | ---- | C] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cefdb3bc249d14.job
[2013.12.22 06:54:41 | 000,000,316 | -H-- | C] () -- C:\WINDOWS\Tasks\avast! Emergency Update.job
< >
< MD5 for: AGP440.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:AGP440.sys
< MD5 for: ATAPI.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:atapi.sys
[2004.08.17 14:57:28 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\erdnt\cache\atapi.sys
[2004.08.17 14:57:28 | 000,095,360 | ---- | M] (Microsoft Corporation) MD5=CDFE4411A69C224BD1D11B2DA92DAC51 -- C:\WINDOWS\system32\drivers\atapi.sys
< MD5 for: AUTOCHK.EXE >
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\cmdcons\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\autochk.exe
[2004.08.17 14:49:22 | 000,601,088 | ---- | M] (Microsoft Corporation) MD5=CEA8636EC12F062C1ED8A7CB4E75324F -- C:\WINDOWS\system32\dllcache\autochk.exe
< MD5 for: CDROM.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:cdrom.sys
[2004.08.17 14:57:28 | 000,049,536 | ---- | M] (Microsoft Corporation) MD5=AF9C19B3100FE010496B1A27181FBF72 -- C:\WINDOWS\system32\drivers\cdrom.sys
< MD5 for: CRYPTSVC.DLL >
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\erdnt\cache\cryptsvc.dll
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\cryptsvc.dll
[2004.08.17 14:49:04 | 000,060,416 | ---- | M] (Microsoft Corporation) MD5=70D2A1756F4B2067658A186C963FCABD -- C:\WINDOWS\system32\dllcache\cryptsvc.dll
< MD5 for: EVENTLOG.DLL >
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\erdnt\cache\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\dllcache\eventlog.dll
[2004.08.17 14:49:08 | 000,055,808 | ---- | M] (Microsoft Corporation) MD5=6EB66066D5C0175320CFEA0A4C74C88F -- C:\WINDOWS\system32\eventlog.dll
< MD5 for: EXPLORER.EXE >
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\erdnt\cache\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\explorer.exe
[2004.08.17 14:49:24 | 001,032,704 | ---- | M] (Microsoft Corporation) MD5=53114D57AB73A406AC7F602227781A99 -- C:\WINDOWS\system32\dllcache\explorer.exe
< MD5 for: HAL.DLL >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:hal.dll
[2004.08.17 14:57:28 | 000,131,968 | ---- | M] (Microsoft Corporation) MD5=F9A0F579FC18036FFDD9E26E0D268CCD -- C:\WINDOWS\system32\hal.dll
< MD5 for: CHANGER.SYS >
[2004.08.17 14:57:28 | 018,786,869 | ---- | M] () .cab file -- C:\WINDOWS\Driver Cache\i386\sp2.cab:Changer.sys
< MD5 for: ISAPNP.SYS >
[2001.10.25 13:00:00 | 000,035,840 | ---- | M] (Microsoft Corporation) MD5=1091528512E4DD7ED5FDDCC4DF1C53D7 -- C:\WINDOWS\system32\drivers\isapnp.sys
< MD5 for: LSASS.EXE >
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\erdnt\cache\lsass.exe
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\dllcache\lsass.exe
[2004.08.17 14:49:24 | 000,013,312 | ---- | M] (Microsoft Corporation) MD5=82A362FE1D4980B71B588D9C10748511 -- C:\WINDOWS\system32\lsass.exe
< MD5 for: NDIS.SYS >
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\erdnt\cache\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\dllcache\ndis.sys
[2004.08.03 22:14:30 | 000,182,912 | ---- | M] (Microsoft Corporation) MD5=558635D3AF1C7546D26067D5D9B6959E -- C:\WINDOWS\system32\drivers\ndis.sys
< MD5 for: NETLOGON.DLL >
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\erdnt\cache\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\dllcache\netlogon.dll
[2004.08.17 14:49:14 | 000,407,040 | ---- | M] (Microsoft Corporation) MD5=2591CADAEF7D2242039255028E577688 -- C:\WINDOWS\system32\netlogon.dll
< MD5 for: SCECLI.DLL >
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\erdnt\cache\scecli.dll
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\dllcache\scecli.dll
[2004.08.17 14:49:18 | 000,184,832 | ---- | M] (Microsoft Corporation) MD5=07119058D451CB7EA4317BCFDA8599A6 -- C:\WINDOWS\system32\scecli.dll
< MD5 for: SMSS.EXE >
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\dllcache\smss.exe
[2004.08.17 14:49:28 | 000,050,688 | ---- | M] (Microsoft Corporation) MD5=04B69D49D7FC3358A372E97DB6D39447 -- C:\WINDOWS\system32\smss.exe
[2004.08.17 15:49:28 | 000,164,864 | ---- | M] (Microsoft Corporation) MD5=3C100B7FDB179B63829103DF6541337F -- C:\cmdcons\SYSTEM32\SMSS.EXE
< MD5 for: SVCHOST.EXE >
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\erdnt\cache\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\dllcache\svchost.exe
[2004.08.17 14:49:28 | 000,014,336 | ---- | M] (Microsoft Corporation) MD5=DFBA2915B0BF58ABB288CD4C9318CB3F -- C:\WINDOWS\system32\svchost.exe
< MD5 for: TCPIP.SYS >
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\erdnt\cache\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\dllcache\tcpip.sys
[2004.08.03 22:14:42 | 000,359,040 | ---- | M] (Microsoft Corporation) MD5=9F4B36614A0FC234525BA224957DE55C -- C:\WINDOWS\system32\drivers\tcpip.sys
< MD5 for: USERINIT.EXE >
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\erdnt\cache\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\dllcache\userinit.exe
[2004.08.17 14:49:28 | 000,024,576 | ---- | M] (Microsoft Corporation) MD5=836F7960362FF95C5D49E40B891F2CFC -- C:\WINDOWS\system32\userinit.exe
< MD5 for: WINLOGON.EXE >
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\erdnt\cache\winlogon.exe
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\dllcache\winlogon.exe
[2004.08.17 14:49:28 | 000,502,272 | ---- | M] (Microsoft Corporation) MD5=221C29AE1B4CC61D11D8B27DE78B2307 -- C:\WINDOWS\system32\winlogon.exe
[2013.04.04 14:50:32 | 000,218,184 | ---- | M] () MD5=B4C6E3889BB310CA7E974A04EC6E46AC -- C:\Program Files\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
< MD5 for: WS2_32.DLL >
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\erdnt\cache\ws2_32.dll
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\dllcache\ws2_32.dll
[2004.08.17 14:49:22 | 000,082,944 | ---- | M] (Microsoft Corporation) MD5=382E9B87F1282E697C67AF84E34E35E2 -- C:\WINDOWS\system32\ws2_32.dll
< >
< %systemroot%*.* /U /s >
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[4 C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp files -> C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\*.tmp -> ]
[2 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< %ALLUSERSPROFILE%\Application Data\*. >
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
< %APPDATA%\*. >
[2013.08.21 16:10:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\Adobe
[2013.12.22 06:55:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\AVAST Software
[2013.12.14 20:27:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\dvdcss
[2013.10.19 11:06:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\ICQ
[2013.09.19 15:33:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\ICQ-Profile
[2013.08.19 15:50:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\Identities
[2013.09.19 15:40:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\InstallShield
[2013.08.20 13:09:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\Macromedia
[2013.12.24 09:01:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\Malwarebytes
[2013.10.29 11:21:14 | 000,000,000 | --SD | M] -- C:\Documents and Settings\Kryton\Data aplikací\Microsoft
[2013.09.13 07:35:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\Panda Security
[2013.11.02 17:07:19 | 000,000,000 | RH-D | M] -- C:\Documents and Settings\Kryton\Data aplikací\SecuROM
[2013.10.29 07:18:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\Sun
[2013.12.24 23:59:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Kryton\Data aplikací\vlc
< %APPDATA%\*.exe /s >
[2013.12.20 18:18:31 | 000,110,080 | R--- | M] () -- C:\Documents and Settings\Kryton\Data aplikací\Microsoft\Installer\{A358F2F6-2500-420C-989C-25C4F22DF51E}\IconCF33A0CE.exe
[2013.12.20 18:18:31 | 000,110,080 | R--- | M] () -- C:\Documents and Settings\Kryton\Data aplikací\Microsoft\Installer\{A358F2F6-2500-420C-989C-25C4F22DF51E}\IconD7F16134.exe
[2013.12.20 18:18:31 | 000,110,080 | R--- | M] () -- C:\Documents and Settings\Kryton\Data aplikací\Microsoft\Installer\{A358F2F6-2500-420C-989C-25C4F22DF51E}\IconF7A21AF7.exe
< %systemroot%\*. /mp /s >
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\Tasks\*.job /lockedfiles >
< %systemroot%\system32\drivers\*.sys /lockedfiles >
[2013.08.20 11:24:38 | 000,223,128 | ---- | M] ()
Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\dtscsi.sys
[2013.08.20 11:17:21 | 000,664,064 | ---- | M] ()
Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd.sys
[2013.08.20 11:17:21 | 000,096,256 | ---- | M] ()
Unable to obtain MD5 -- C:\WINDOWS\system32\drivers\sptd7533.sys
< %systemroot%\System32\config\*.sav >
[2013.08.19 17:24:05 | 000,094,208 | ---- | M] () -- C:\WINDOWS\System32\config\default.sav
[2013.08.19 17:24:05 | 000,663,552 | ---- | M] () -- C:\WINDOWS\System32\config\software.sav
[2013.08.19 17:24:05 | 000,458,752 | ---- | M] () -- C:\WINDOWS\System32\config\system.sav
< %systemroot%\system32\*.dll /lockedfiles >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system32\drivers\*.sys /3 >
< %systemroot%\system32\*.* /3 >
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %SYSTEMDRIVE%\*.exe >
< >
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s >
< reg query "HKLM\Software\Microsoft\Windows NT\CurrentVersion\winlogon" /v GinaDLL /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINLOGON
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wuauserv" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\WUAUSERV
IMAGEPATH REG_EXPAND_SZ %systemroot%\system32\svchost.exe -k netsvcs
< reg query "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BITS" /v ImagePath /c >
! REG.EXE VERSION 3.0
HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\BITS
IMAGEPATH REG_EXPAND_SZ %SystemRoot%\system32\svchost.exe -k netsvcs
< >
< type c:\boot.ini >> test.txt /c >
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
< %SystemDrive%\PhysicalMBR.bin /md5 >
[2013.12.25 17:42:53 | 000,000,512 | ---- | M] () MD5=C45483383152F42413AA72ACCA1BF429 -- C:\PhysicalMBR.bin
< >
< *crack* /s >
[2007.05.26 09:16:59 | 003,074,346 | ---- | M] () -- \Documents and Settings\Kryton\Plocha\DOTA\plus_crack.zip
< *keygen* /s >
< *AntiWPA* /s >
< *loader* /s >
[2013.09.19 15:53:27 | 000,005,795 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\loader.jpg
[2013.09.19 15:53:28 | 000,004,180 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\IMAGES\XtraPreloader\zlango-preloader.png
[2013.09.19 15:53:26 | 000,005,520 | ---- | M] () -- \Program Files\ICQ7.7\imApp\theme\MUICoreLib\xtraLoader.swf
[2012.04.20 10:29:39 | 000,002,886 | ---- | M] () -- \Program Files\ICQ7.7\Xtraz\icq\content\babylon_feed\preloader01_b.swf
[2012.04.20 10:29:39 | 000,000,402 | ---- | M] () -- \Program Files\ICQ7.7\Xtraz\icq\content\profile_lightboxs\preloader.html
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dmloader.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2004.08.17 14:49:06 | 000,035,840 | ---- | M] () -- \WINDOWS\system32\dllcache\dmloader.dll
< *minodlogin* /s >
< *tnod* /s >
< *AutoKMS* /s >
< *activator* /s >
< *serial* /s >
[2004.08.17 15:44:16 | 000,030,301 | ---- | M] () -- \cmdcons\SERIAL.SY_
[2006.02.06 11:13:24 | 000,000,037 | ---- | M] () -- \Documents and Settings\Kryton\Plocha\program\Microsoft-Office-2003-CZ\Microsoft Office 2003 CZ\SERIAL.txt
[2008.07.29 18:16:38 | 000,966,656 | ---- | M] () -- \Program Files\Reference Assemblies\Microsoft\Framework\v3.0\System.Runtime.Serialization.dll
[2001.10.25 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dpserial.dll
[2001.10.25 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\serialui.dll
[1 \WINDOWS\system32\*.tmp files -> \WINDOWS\system32\*.tmp -> ]
[2001.10.25 13:00:00 | 000,053,520 | ---- | M] () -- \WINDOWS\system32\dllcache\dpserial.dll
[2001.10.25 13:00:00 | 000,014,336 | ---- | M] () -- \WINDOWS\system32\dllcache\serialui.dll
[2004.08.17 14:57:28 | 000,064,640 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys
[2013.12.25 08:21:43 | 000,064,640 | ---- | M] () -- \WINDOWS\system32\drivers\serial.sys.bak
< *w7lxe* /s >
< End of report >
Pokud nemate, zazalohujte si radeji dulezita data (fotky, dokumenty, atd.) 
Stahnete ComboFix http://download.bleepingcomputer.com/sUBs/ComboFix.exe a ulozte ho na plochu.
Pri tom prohledani to zaroven vykonalo prikazy, ktere jsem mu zadal.
