Výrazně zpomalený PC -prosím o pomoc

[Olin]

Před pár dny jsem aktualizoval Mozillu Firefox 10 a postupně mi začal zpomalovat počítač, zejména pokud přeskakuji na internetu z jedné stránky na druhou. Prosím o pomoc. Díky.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ing.Kašpar Oldřich at 2012-02-09 18:27:13
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 57 GB (37%) free of 153 GB
Total RAM: 478 MB (51% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:27:52, on 9.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\S3trayp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\W_mrpprn.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\WINDOWS\STK03N\STK03NM.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\IncrediMail\bin\ImNotfy.exe
C:\Documents and Settings\Ing.Kašpar Oldřich\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Ing.Kašpar Oldřich.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60446
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\ctbr.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Crawler lišta - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\ctbr.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [zzz_ImInstaller_IncrediMail] C:\DOCUME~1\ING~1.KAP\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install.exe -startup -product IncrediMail
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [W_MRPPRN] C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\W_mrpprn.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: STK03N PNP Monitor.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout pomocí NetXferu - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Stáhnout vše pomocí Net&Xferu - C:\Program Files\Xi\NetXfer\NXAddList.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5554DCB0-700B-498D-9B58-4E40E5814405} (RSClientPrint 2008 Class) - https://intranet.avivazp.cz/ReportServe ... b&Arch=X86
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4955200578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E48F11AB-74FF-4D73-A4E3-B9D7FA9727F4}: NameServer = 10.10.255.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\ctbr.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 10147 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\ParetoLogic Registration.job
C:\WINDOWS\tasks\ParetoLogic Update Version2.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Mozilla\Firefox\Profiles\jtmoywlk.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3, cs@dictionaries.addons.mozilla.org:1.0.2, {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, qtl.co.il@gmail.com:14.3, {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}:1.4.7, eurotranxp2@microton.cz:2.0, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, bkmrksync@nokia.com:1.0.0.732, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.3&q="

"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\firefox\
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
talkback@mozilla(2).org
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{972ce4c6-7e08-4474-a285-3208198ce6fd}(2)
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npLegitCheckPlugin.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.bak
crawlersrch.xml
google.xml
wikipedia-cz.xml

C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Mozilla\Firefox\Profiles\jtmoywlk.default\extensions\
centrumpomocnik@centrum.cz
cs@dictionaries.addons.mozilla.org
eurotranxp2@microton.cz
qtl.co.il@gmail.com
{20a82645-c095-46ed-80e3-08825760534b}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{800b5000-a755-47e1-992b-48a1c1357f07}
{c36177c0-224a-11da-8cd6-0800200c9a66}
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Mozilla\Firefox\Profiles\jtmoywlk.default\searchplugins\
crawlersrch.xml
hledejcenycz.xml
icq-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin-34.xml
icqplugin-35.xml
icqplugin-36.xml
icqplugin-37.xml
icqplugin-38.xml
icqplugin-39.xml
icqplugin-4.xml
icqplugin-40.xml
icqplugin-41.xml
icqplugin-42.xml
icqplugin-43.xml
icqplugin-44.xml
icqplugin-45.xml
icqplugin-46.xml
icqplugin-47.xml
icqplugin-48.xml
icqplugin-49.xml
icqplugin-5.xml
icqplugin-50.xml
icqplugin-51.xml
icqplugin-52.xml
icqplugin-53.xml
icqplugin-54.xml
icqplugin-55.xml
icqplugin-56.xml
icqplugin-57.xml
icqplugin-58.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
MyStart Search.xml
qtl.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
XTTBPos00 Class - C:\PROGRA~1\ICQTOO~1\toolbaru.dll [2006-12-25 701952]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
C:\PROGRA~1\Crawler\ctbr.dll [2010-06-25 1241448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83B80A9C-D91A-4F22-8DCF-EA7204039F79}]
NXIECatcher Class - C:\Program Files\Xi\NetXfer\NXIEHelper.dll [2007-08-15 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{4B3803EA-5230-4DC3-A7FC-33638F3D3542} - &Crawler lišta - C:\PROGRA~1\Crawler\ctbr.dll [2010-06-25 1241448]
{C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - NetXfer - C:\Program Files\Xi\NetXfer\NXToolBar.dll [2007-07-11 57344]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2006-07-10 176128]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NBKeyScan"=C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [2008-02-21 1647912]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"zzz_ImInstaller_IncrediMail"=C:\DOCUME~1\ING~1.KAP\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install.exe [2011-07-02 496992]
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2003-09-16 1212466]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2010-10-31 353736]
"Magentic"=C:\PROGRA~1\Magentic\bin\Magentic.exe [2007-07-10 475180]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
"W_MRPPRN"=C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\W_mrpprn.exe [2011-12-18 1142272]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
STK03N PNP Monitor.lnk - C:\WINDOWS\STK03N\STK03NM.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Ing.Kašpar Oldřich\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe"="C:\Documents and Settings\Ing.Kašpar Oldřich\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe"="C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe:LocalSubNet:Enabled:Firebird server 2.1"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Xi\NetXfer\NetTransport.exe"="C:\Program Files\Xi\NetXfer\NetTransport.exe:*:Enabled:NetXfer Download Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\incredimail_install.exe"="C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\incredimail_install.exe:*:Enabled:IncrediMail Installer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2012-02-09 18:27:20 ----D---- C:\Program Files\trend micro
2012-02-09 18:27:13 ----D---- C:\rsit
2012-02-08 22:43:52 ----D---- C:\Program Files\Google
2012-02-08 22:43:52 ----D---- C:\Program Files\CCleaner
2012-02-08 20:51:36 ----D---- C:\Program Files\Common Files\Java
2012-02-08 20:49:51 ----A---- C:\WINDOWS\system32\javaws.exe
2012-02-08 20:49:51 ----A---- C:\WINDOWS\system32\javaw.exe
2012-02-08 20:49:51 ----A---- C:\WINDOWS\system32\java.exe
2012-02-06 02:57:28 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-02-06 02:57:27 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-02-06 02:57:23 ----A---- C:\WINDOWS\system32\drivers\aswFW.sys
2012-02-06 02:56:27 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-02-06 02:56:27 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-02-06 02:56:27 ----A---- C:\WINDOWS\system32\drivers\aswNdis2.sys
2012-02-06 02:56:26 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-02-06 02:56:26 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-02-06 02:56:25 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-02-06 02:56:25 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-02-06 02:55:36 ----A---- C:\WINDOWS\system32\drivers\aswNdis.sys
2012-02-06 02:55:36 ----A---- C:\WINDOWS\avastSS.scr
2012-02-06 02:55:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-02-06 02:55:02 ----D---- C:\Program Files\AVAST Software
2012-02-06 02:14:43 ----N---- C:\WINDOWS\system32\isutil.dll
2012-02-06 02:14:41 ----N---- C:\WINDOWS\apptune5.exe
2012-02-06 02:14:41 ----N---- C:\WINDOWS\apptune.ini
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\ZShp1005.dll
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\zpppcl.dll
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\vs1005.dll
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\pcldll6l.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\ZUNINST.EXE
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\ZTAG32.DLL
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\ZSPOOL.DLL
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zpp.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zPJL.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zlmhp1.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zlm.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\Zlang.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\hpflash1.exe
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\zstatus.exe
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\ZGDI32.DLL
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\SDhp1000.DLL
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\Sd32.dll
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\IMF32.DLL
2012-02-06 02:14:32 ----D---- C:\Program Files\hp Laserjet 1005
2012-02-06 01:23:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-02-06 00:33:57 ----D---- C:\MrpWin
2012-01-31 21:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-31 15:54:58 ----D---- C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\IllustrationStorage
2012-01-22 18:11:49 ----D---- C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Zoner
2012-01-21 17:38:49 ----D---- C:\WINDOWS\system32\QuickTime
2012-01-21 17:13:09 ----D---- C:\Program Files\Canon
2012-01-11 15:29:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 15:29:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 15:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 15:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-11 14:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$

======List of files/folders modified in the last 1 month======

2012-02-09 18:27:48 ----D---- C:\WINDOWS\Prefetch
2012-02-09 18:27:20 ----RD---- C:\Program Files
2012-02-09 14:56:52 ----D---- C:\WINDOWS\Temp
2012-02-09 09:07:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-08 22:44:18 ----SHD---- C:\WINDOWS\Installer
2012-02-08 22:44:18 ----D---- C:\WINDOWS\system32
2012-02-08 22:44:18 ----D---- C:\Program Files\Common Files
2012-02-08 22:44:18 ----D---- C:\Config.Msi
2012-02-08 22:44:14 ----D---- C:\Program Files\Crawler
2012-02-08 22:44:11 ----D---- C:\Program Files\Mozilla Firefox
2012-02-08 22:44:00 ----D---- C:\Program Files\Privacy and Registry Cleaner
2012-02-08 22:43:36 ----HD---- C:\WINDOWS\inf
2012-02-08 22:43:36 ----D---- C:\WINDOWS\system32\drivers
2012-02-08 22:43:36 ----D---- C:\WINDOWS
2012-02-08 22:43:35 ----D---- C:\WINDOWS\WinSxS
2012-02-08 22:42:59 ----RSD---- C:\WINDOWS\Fonts
2012-02-08 22:42:59 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-08 22:42:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-02-08 20:49:21 ----D---- C:\Program Files\Java
2012-02-08 20:35:26 ----RASH---- C:\boot.ini
2012-02-08 20:35:26 ----A---- C:\WINDOWS\win.ini
2012-02-08 20:35:26 ----A---- C:\WINDOWS\system.ini
2012-02-08 20:35:25 ----D---- C:\WINDOWS\pss
2012-02-08 13:48:31 ----SD---- C:\WINDOWS\Tasks
2012-02-07 19:07:09 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-06 02:58:45 ----D---- C:\WINDOWS\system32\CatRoot
2012-02-06 02:51:39 ----D---- C:\MRPPRN
2012-02-06 00:49:49 ----D---- C:\WINDOWS\system32\config
2012-02-06 00:49:27 ----D---- C:\WINDOWS\system32\wbem
2012-02-06 00:49:26 ----D---- C:\WINDOWS\Registration
2012-02-06 00:46:24 ----D---- C:\Program Files\QuickTime
2012-02-06 00:45:49 ----D---- C:\Program Files\rajce
2012-01-31 20:19:52 ----D---- C:\MRP
2012-01-31 15:46:03 ----D---- C:\Data reloading
2012-01-31 14:49:53 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-17 22:42:31 ----A---- C:\Autoexec.BAT
2012-01-12 18:31:54 ----D---- C:\WINDOWS\Debug
2012-01-12 17:11:20 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-12 17:11:13 ----RSD---- C:\WINDOWS\assembly
2012-01-11 15:01:54 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 14:58:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2011-11-28 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\WINDOWS\system32\drivers\aswNdis2.sys [2011-11-28 195416]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R0 videX32;videX32; C:\WINDOWS\System32\DRIVERS\videX32.sys [2006-02-23 9728]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\System32\DRIVERS\xfilt.sys [2006-02-23 11264]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-11-20 82380]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2011-11-28 111320]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-09-16 28688]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 S3GIGP;S3GIGP; C:\WINDOWS\System32\DRIVERS\S3gIGPm.sys [2006-08-14 654848]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-09-16 88800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBSTK03N;Standard_Camera; C:\WINDOWS\system32\DRIVERS\STK03NW2.sys [2009-12-18 108544]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2006-05-04 7296]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2008-01-10 587096]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 InCDsrv;InCD File System Service; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-09-16 798772]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-02-21 800040]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-09-29 616448]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Stáhněte OTM: http://oldtimer.geekstogo.com/OTM.exe a uložte na plochu. Spusťte a do levého okna zkopírujte:

:files
C:\PROGRAm Files\Crawler\ctbr.dll
C:\PROGRAm Files\ICQ TOOlbar

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055FD26D-3A88-4e15-963D-DC8493744B1D}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1CB20BF0-BBAE-40A7-93F4-6435FF3D0411}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]

a klikněte na MoveIt!. Po skenu rastartujte PC. Nakonec dejte nový log RSIT.

[Olin]

Přeposílám nový log po doporučené změně.

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ing.Kašpar Oldřich at 2012-02-09 19:57:27
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 57 GB (37%) free of 153 GB
Total RAM: 478 MB (16% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:57:45, on 9.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\W_mrpprn.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\STK03N\STK03NM.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\IncrediMail\bin\ImNotfy.exe
C:\Documents and Settings\Ing.Kašpar Oldřich\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Ing.Kašpar Oldřich.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... tbid=60446
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [zzz_ImInstaller_IncrediMail] C:\DOCUME~1\ING~1.KAP\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install.exe -startup -product IncrediMail
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [W_MRPPRN] C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\W_mrpprn.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: STK03N PNP Monitor.lnk = ?
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout pomocí NetXferu - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Stáhnout vše pomocí Net&Xferu - C:\Program Files\Xi\NetXfer\NXAddList.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5554DCB0-700B-498D-9B58-4E40E5814405} (RSClientPrint 2008 Class) - https://intranet.avivazp.cz/ReportServe ... b&Arch=X86
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4955200578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E48F11AB-74FF-4D73-A4E3-B9D7FA9727F4}: NameServer = 10.10.255.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 9462 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\ParetoLogic Registration.job
C:\WINDOWS\tasks\ParetoLogic Update Version2.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Mozilla\Firefox\Profiles\jtmoywlk.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3, cs@dictionaries.addons.mozilla.org:1.0.2, {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, qtl.co.il@gmail.com:14.3, {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}:1.4.7, eurotranxp2@microton.cz:2.0, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, bkmrksync@nokia.com:1.0.0.732, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.3&q="

"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\firefox\
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
talkback@mozilla(2).org
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{972ce4c6-7e08-4474-a285-3208198ce6fd}(2)
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npLegitCheckPlugin.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.bak
crawlersrch.xml
google.xml
wikipedia-cz.xml

C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Mozilla\Firefox\Profiles\jtmoywlk.default\extensions\
centrumpomocnik@centrum.cz
cs@dictionaries.addons.mozilla.org
eurotranxp2@microton.cz
qtl.co.il@gmail.com
{20a82645-c095-46ed-80e3-08825760534b}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{800b5000-a755-47e1-992b-48a1c1357f07}
{c36177c0-224a-11da-8cd6-0800200c9a66}
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Mozilla\Firefox\Profiles\jtmoywlk.default\searchplugins\
crawlersrch.xml
hledejcenycz.xml
icq-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin-34.xml
icqplugin-35.xml
icqplugin-36.xml
icqplugin-37.xml
icqplugin-38.xml
icqplugin-39.xml
icqplugin-4.xml
icqplugin-40.xml
icqplugin-41.xml
icqplugin-42.xml
icqplugin-43.xml
icqplugin-44.xml
icqplugin-45.xml
icqplugin-46.xml
icqplugin-47.xml
icqplugin-48.xml
icqplugin-49.xml
icqplugin-5.xml
icqplugin-50.xml
icqplugin-51.xml
icqplugin-52.xml
icqplugin-53.xml
icqplugin-54.xml
icqplugin-55.xml
icqplugin-56.xml
icqplugin-57.xml
icqplugin-58.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
MyStart Search.xml
qtl.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83B80A9C-D91A-4F22-8DCF-EA7204039F79}]
NXIECatcher Class - C:\Program Files\Xi\NetXfer\NXIEHelper.dll [2007-08-15 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - NetXfer - C:\Program Files\Xi\NetXfer\NXToolBar.dll [2007-07-11 57344]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2006-07-10 176128]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NBKeyScan"=C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [2008-02-21 1647912]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"zzz_ImInstaller_IncrediMail"=C:\DOCUME~1\ING~1.KAP\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install.exe -startup -product IncrediMail []
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2003-09-16 1212466]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2010-10-31 353736]
"Magentic"=C:\PROGRA~1\Magentic\bin\Magentic.exe [2007-07-10 475180]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
"W_MRPPRN"=C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\W_mrpprn.exe [2011-12-18 1142272]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
STK03N PNP Monitor.lnk - C:\WINDOWS\STK03N\STK03NM.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Ing.Kašpar Oldřich\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe"="C:\Documents and Settings\Ing.Kašpar Oldřich\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe"="C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe:LocalSubNet:Enabled:Firebird server 2.1"
"C:\Program Files\Xi\NetXfer\NetTransport.exe"="C:\Program Files\Xi\NetXfer\NetTransport.exe:*:Enabled:NetXfer Download Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\incredimail_install.exe"="C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\incredimail_install.exe:*:Enabled:IncrediMail Installer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2012-02-09 19:45:16 ----D---- C:\_OTM
2012-02-09 18:27:20 ----D---- C:\Program Files\trend micro
2012-02-09 18:27:13 ----D---- C:\rsit
2012-02-08 22:43:52 ----D---- C:\Program Files\Google
2012-02-08 22:43:52 ----D---- C:\Program Files\CCleaner
2012-02-08 20:51:36 ----D---- C:\Program Files\Common Files\Java
2012-02-08 20:49:51 ----A---- C:\WINDOWS\system32\javaws.exe
2012-02-08 20:49:51 ----A---- C:\WINDOWS\system32\javaw.exe
2012-02-08 20:49:51 ----A---- C:\WINDOWS\system32\java.exe
2012-02-06 02:57:28 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-02-06 02:57:27 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-02-06 02:57:23 ----A---- C:\WINDOWS\system32\drivers\aswFW.sys
2012-02-06 02:56:27 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-02-06 02:56:27 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-02-06 02:56:27 ----A---- C:\WINDOWS\system32\drivers\aswNdis2.sys
2012-02-06 02:56:26 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-02-06 02:56:26 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-02-06 02:56:25 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-02-06 02:56:25 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-02-06 02:55:36 ----A---- C:\WINDOWS\system32\drivers\aswNdis.sys
2012-02-06 02:55:36 ----A---- C:\WINDOWS\avastSS.scr
2012-02-06 02:55:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-02-06 02:55:02 ----D---- C:\Program Files\AVAST Software
2012-02-06 02:14:43 ----N---- C:\WINDOWS\system32\isutil.dll
2012-02-06 02:14:41 ----N---- C:\WINDOWS\apptune5.exe
2012-02-06 02:14:41 ----N---- C:\WINDOWS\apptune.ini
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\ZShp1005.dll
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\zpppcl.dll
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\vs1005.dll
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\pcldll6l.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\ZUNINST.EXE
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\ZTAG32.DLL
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\ZSPOOL.DLL
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zpp.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zPJL.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zlmhp1.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zlm.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\Zlang.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\hpflash1.exe
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\zstatus.exe
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\ZGDI32.DLL
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\SDhp1000.DLL
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\Sd32.dll
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\IMF32.DLL
2012-02-06 02:14:32 ----D---- C:\Program Files\hp Laserjet 1005
2012-02-06 01:23:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-02-06 00:33:57 ----D---- C:\MrpWin
2012-01-31 21:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-31 15:54:58 ----D---- C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\IllustrationStorage
2012-01-22 18:11:49 ----D---- C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Zoner
2012-01-21 17:38:49 ----D---- C:\WINDOWS\system32\QuickTime
2012-01-21 17:13:09 ----D---- C:\Program Files\Canon
2012-01-11 15:29:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 15:29:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 15:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 15:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-11 14:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$

======List of files/folders modified in the last 1 month======

2012-02-09 19:54:21 ----D---- C:\WINDOWS\Prefetch
2012-02-09 19:53:52 ----D---- C:\WINDOWS\Temp
2012-02-09 19:51:49 ----D---- C:\Config.Msi
2012-02-09 19:47:32 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-09 19:46:51 ----D---- C:\WINDOWS\system32
2012-02-09 19:46:51 ----D---- C:\WINDOWS
2012-02-09 19:46:07 ----D---- C:\Program Files\Crawler
2012-02-09 19:12:25 ----SHD---- C:\WINDOWS\Installer
2012-02-09 19:12:25 ----RD---- C:\Program Files
2012-02-08 22:44:18 ----D---- C:\Program Files\Common Files
2012-02-08 22:44:11 ----D---- C:\Program Files\Mozilla Firefox
2012-02-08 22:44:00 ----D---- C:\Program Files\Privacy and Registry Cleaner
2012-02-08 22:43:36 ----HD---- C:\WINDOWS\inf
2012-02-08 22:43:36 ----D---- C:\WINDOWS\system32\drivers
2012-02-08 22:43:35 ----D---- C:\WINDOWS\WinSxS
2012-02-08 22:42:59 ----RSD---- C:\WINDOWS\Fonts
2012-02-08 22:42:59 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-08 22:42:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-02-08 20:49:21 ----D---- C:\Program Files\Java
2012-02-08 20:35:26 ----RASH---- C:\boot.ini
2012-02-08 20:35:26 ----A---- C:\WINDOWS\win.ini
2012-02-08 20:35:26 ----A---- C:\WINDOWS\system.ini
2012-02-08 20:35:25 ----D---- C:\WINDOWS\pss
2012-02-08 13:48:31 ----SD---- C:\WINDOWS\Tasks
2012-02-07 19:07:09 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-06 02:58:45 ----D---- C:\WINDOWS\system32\CatRoot
2012-02-06 02:51:39 ----D---- C:\MRPPRN
2012-02-06 00:49:49 ----D---- C:\WINDOWS\system32\config
2012-02-06 00:49:27 ----D---- C:\WINDOWS\system32\wbem
2012-02-06 00:49:26 ----D---- C:\WINDOWS\Registration
2012-02-06 00:46:24 ----D---- C:\Program Files\QuickTime
2012-02-06 00:45:49 ----D---- C:\Program Files\rajce
2012-01-31 20:19:52 ----D---- C:\MRP
2012-01-31 15:46:03 ----D---- C:\Data reloading
2012-01-31 14:49:53 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-17 22:42:31 ----A---- C:\Autoexec.BAT
2012-01-12 18:31:54 ----D---- C:\WINDOWS\Debug
2012-01-12 17:11:20 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-12 17:11:13 ----RSD---- C:\WINDOWS\assembly
2012-01-11 15:01:54 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 14:58:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2011-11-28 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\WINDOWS\system32\drivers\aswNdis2.sys [2011-11-28 195416]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R0 videX32;videX32; C:\WINDOWS\System32\DRIVERS\videX32.sys [2006-02-23 9728]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\System32\DRIVERS\xfilt.sys [2006-02-23 11264]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-11-20 82380]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2011-11-28 111320]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-09-16 28688]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 S3GIGP;S3GIGP; C:\WINDOWS\System32\DRIVERS\S3gIGPm.sys [2006-08-14 654848]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-09-16 88800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBSTK03N;Standard_Camera; C:\WINDOWS\system32\DRIVERS\STK03NW2.sys [2009-12-18 108544]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2006-05-04 7296]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2012-02-09 587096]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
R2 InCDsrv;InCD File System Service; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-09-16 798772]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-02-21 800040]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-09-29 616448]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Dvouklikem na soubor C:\Program Files\trend micro\Ing.Kašpar Oldřich.exe spusťte HijackThis. Klikněte na "Do a system scan only" a v otevřeném okně vlevo ve čtverečcích zaškrtněte:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=60446
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60446
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_custo ... TbId=60446
R3 - URLSearchHook: (no name) - - (no file)
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O16 - DPF: {5554DCB0-700B-498D-9B58-4E40E5814405} (RSClientPrint 2008 Class) - https://intranet.avivazp.cz/ReportServe ... b&Arch=X86
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 4955200578
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

a klkněte na >Fix checked<. Restartujte PC.

[Olin]

Po druhé úpravě log

Logfile of random's system information tool 1.09 (written by random/random)
Run by Ing.Kašpar Oldřich at 2012-02-09 21:21:40
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 57 GB (37%) free of 153 GB
Total RAM: 478 MB (47% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:21:54, on 9.2.2012
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.17106)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\W_mrpprn.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\STK03N\STK03NM.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\PROGRA~1\Magentic\bin\MgApp.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\IncrediMail\bin\ImNotfy.exe
C:\Documents and Settings\Ing.Kašpar Oldřich\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\Ing.Kašpar Oldřich.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [zzz_ImInstaller_IncrediMail] C:\DOCUME~1\ING~1.KAP\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install.exe -startup -product IncrediMail
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NokiaMServer] C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Magentic] C:\PROGRA~1\Magentic\bin\Magentic.exe /c
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [W_MRPPRN] C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\W_mrpprn.exe
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: STK03N PNP Monitor.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Stáhnout pomocí NetXferu - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Stáhnout vše pomocí Net&Xferu - C:\Program Files\Xi\NetXfer\NXAddList.html
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{E48F11AB-74FF-4D73-A4E3-B9D7FA9727F4}: NameServer = 10.10.255.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: InCD File System Service (InCDsrv) - AHEAD Software - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7841 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\ParetoLogic Registration.job
C:\WINDOWS\tasks\ParetoLogic Update Version2.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Mozilla\Firefox\Profiles\jtmoywlk.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
prefs.js - "extensions.enabledItems" - "{4B3803EA-5230-4DC3-A7FC-33638F3D3542}:1.3, cs@dictionaries.addons.mozilla.org:1.0.2, {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.9, {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7, {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}:6.0.11, {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13, {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}:6.0.15, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.2.1, qtl.co.il@gmail.com:14.3, {a6ca9b3b-5e52-4f47-85d8-cca35bb57596}:1.4.7, eurotranxp2@microton.cz:2.0, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, bkmrksync@nokia.com:1.0.0.732, {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.3.42, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.17"
prefs.js - "keyword.URL" - "http://search.icq.com/search/afe_result ... r=1.4.3&q="

"{4B3803EA-5230-4DC3-A7FC-33638F3D3542}"=C:\Program Files\Crawler\firefox\
"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"bkmrksync@nokia.com"=C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\
"{A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}"=C:\Program Files\Nokia\Nokia Ovi Suite\Connectors\Bookmarks Connector\FirefoxExtension\
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 10.1 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\
talkback@mozilla(2).org
{800b5000-a755-47e1-992b-48a1c1357f07}
{972ce4c6-7e08-4474-a285-3208198ce6fd}
{972ce4c6-7e08-4474-a285-3208198ce6fd}(2)
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\
binary.manifest
browsercomps.dll
nsILegitCheckPlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
np-mswmp.dll
npdeployJava1.dll
npLegitCheckPlugin.dll
nppdf32.dll
WMP Firefox Plugin License.rtf
WMP Firefox Plugin RelNotes.txt

C:\Program Files\Mozilla Firefox\searchplugins\
crawlersrch.bak
crawlersrch.xml
google.xml
wikipedia-cz.xml

C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Mozilla\Firefox\Profiles\jtmoywlk.default\extensions\
centrumpomocnik@centrum.cz
cs@dictionaries.addons.mozilla.org
eurotranxp2@microton.cz
qtl.co.il@gmail.com
{20a82645-c095-46ed-80e3-08825760534b}
{635abd67-4fe9-1b23-4f01-e679fa7484c1}
{800b5000-a755-47e1-992b-48a1c1357f07}
{c36177c0-224a-11da-8cd6-0800200c9a66}
{ec8030f7-c20a-464f-9b0e-13a3a9e97384}

C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Mozilla\Firefox\Profiles\jtmoywlk.default\searchplugins\
crawlersrch.xml
hledejcenycz.xml
icq-search.xml
icqplugin-1.xml
icqplugin-10.xml
icqplugin-11.xml
icqplugin-12.xml
icqplugin-13.xml
icqplugin-14.xml
icqplugin-15.xml
icqplugin-16.xml
icqplugin-17.xml
icqplugin-18.xml
icqplugin-19.xml
icqplugin-2.xml
icqplugin-20.xml
icqplugin-21.xml
icqplugin-22.xml
icqplugin-23.xml
icqplugin-24.xml
icqplugin-25.xml
icqplugin-26.xml
icqplugin-27.xml
icqplugin-28.xml
icqplugin-29.xml
icqplugin-3.xml
icqplugin-30.xml
icqplugin-31.xml
icqplugin-32.xml
icqplugin-33.xml
icqplugin-34.xml
icqplugin-35.xml
icqplugin-36.xml
icqplugin-37.xml
icqplugin-38.xml
icqplugin-39.xml
icqplugin-4.xml
icqplugin-40.xml
icqplugin-41.xml
icqplugin-42.xml
icqplugin-43.xml
icqplugin-44.xml
icqplugin-45.xml
icqplugin-46.xml
icqplugin-47.xml
icqplugin-48.xml
icqplugin-49.xml
icqplugin-5.xml
icqplugin-50.xml
icqplugin-51.xml
icqplugin-52.xml
icqplugin-53.xml
icqplugin-54.xml
icqplugin-55.xml
icqplugin-56.xml
icqplugin-57.xml
icqplugin-58.xml
icqplugin-6.xml
icqplugin-7.xml
icqplugin-8.xml
icqplugin-9.xml
icqplugin.xml
MyStart Search.xml
qtl.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2011-11-10 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83B80A9C-D91A-4F22-8DCF-EA7204039F79}]
NXIECatcher Class - C:\Program Files\Xi\NetXfer\NXIEHelper.dll [2007-08-15 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-11-10 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-11-10 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - NetXfer - C:\Program Files\Xi\NetXfer\NXToolBar.dll [2007-07-11 57344]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! WebRep - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2011-11-28 809040]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"S3Trayp"=C:\WINDOWS\system32\S3trayp.exe [2006-07-10 176128]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-11-14 16270848]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
"NBKeyScan"=C:\Program Files\Nero\Nero 7\Nero BackItUp\NBKeyScan.exe [2008-02-21 1647912]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2011-11-28 3744552]
"zzz_ImInstaller_IncrediMail"=C:\DOCUME~1\ING~1.KAP\LOCALS~1\Temp\ImInstaller\IncrediMail\incredimail_install.exe -startup -product IncrediMail []
"VTTimer"=C:\WINDOWS\system32\VTTimer.exe [2006-08-03 53248]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"NokiaMServer"=C:\Program Files\Common Files\Nokia\MPlatform\NokiaMServer /watchfiles startup []
"NeroCheck"=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
"InCD"=C:\Program Files\Ahead\InCD\InCD.exe [2003-09-16 1212466]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2011-06-09 254696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]
"IncrediMail"=C:\Program Files\IncrediMail\bin\IncMail.exe [2010-10-31 353736]
"Magentic"=C:\PROGRA~1\Magentic\bin\Magentic.exe [2007-07-10 475180]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
""= []
"W_MRPPRN"=C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\W_mrpprn.exe [2011-12-18 1142272]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE
STK03N PNP Monitor.lnk - C:\WINDOWS\STK03N\STK03NM.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Documents and Settings\Ing.Kašpar Oldřich\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe"="C:\Documents and Settings\Ing.Kašpar Oldřich\Local Settings\Temp\ImInstaller\IncrediMail\incredimail_install.exe:*:Enabled:IncrediMail Installer"
"C:\Program Files\IncrediMail\bin\ImApp.exe"="C:\Program Files\IncrediMail\bin\ImApp.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\IncMail.exe"="C:\Program Files\IncrediMail\bin\IncMail.exe:*:Enabled:IncrediMail"
"C:\Program Files\IncrediMail\bin\ImpCnt.exe"="C:\Program Files\IncrediMail\bin\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\Program Files\Magentic\bin\MgImp.exe"="C:\Program Files\Magentic\bin\MgImp.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\Magentic.exe"="C:\Program Files\Magentic\bin\Magentic.exe:*:Enabled:Magentic"
"C:\Program Files\Magentic\bin\MgApp.exe"="C:\Program Files\Magentic\bin\MgApp.exe:*:Enabled:Magentic"
"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe"="C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe:*:Enabled:Sunbelt Kerio Firewall GUI"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\ICQ6\ICQ.exe"="C:\Program Files\ICQ6\ICQ.exe:*:Enabled:ICQ6"
"C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe"="C:\Program Files\Firebird\Firebird_2_1\bin\fbserver.exe:LocalSubNet:Enabled:Firebird server 2.1"
"C:\Program Files\Xi\NetXfer\NetTransport.exe"="C:\Program Files\Xi\NetXfer\NetTransport.exe:*:Enabled:NetXfer Download Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe"="C:\Program Files\Nokia\Nokia Ovi Suite\NokiaOviSuite.exe:*:Enabled:Nokia Ovi Suite 2"
"C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe"="C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe:*:Enabled:Nokia Software Updater"
"C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe"="C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe:*:Enabled:Nokia Service Layer Host Process "
"C:\Program Files\Google\Google Earth\client\googleearth.exe"="C:\Program Files\Google\Google Earth\client\googleearth.exe:*:Enabled:Google Earth"
"C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\incredimail_install.exe"="C:\Documents and Settings\Ing.Kašpar Oldřich\Plocha\incredimail_install.exe:*:Enabled:IncrediMail Installer"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVU9"=tsbyuv.dll
"VIDC.YVYU"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.l3acm"=C:\WINDOWS\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======List of files/folders created in the last 1 month======

2012-02-09 19:45:16 ----D---- C:\_OTM
2012-02-09 18:27:20 ----D---- C:\Program Files\trend micro
2012-02-09 18:27:13 ----D---- C:\rsit
2012-02-08 22:43:52 ----D---- C:\Program Files\Google
2012-02-08 22:43:52 ----D---- C:\Program Files\CCleaner
2012-02-08 20:51:36 ----D---- C:\Program Files\Common Files\Java
2012-02-08 20:49:51 ----A---- C:\WINDOWS\system32\javaws.exe
2012-02-08 20:49:51 ----A---- C:\WINDOWS\system32\javaw.exe
2012-02-08 20:49:51 ----A---- C:\WINDOWS\system32\java.exe
2012-02-06 02:57:28 ----A---- C:\WINDOWS\system32\drivers\aswFsBlk.sys
2012-02-06 02:57:27 ----A---- C:\WINDOWS\system32\drivers\aswSP.sys
2012-02-06 02:57:23 ----A---- C:\WINDOWS\system32\drivers\aswFW.sys
2012-02-06 02:56:27 ----A---- C:\WINDOWS\system32\drivers\aswTdi.sys
2012-02-06 02:56:27 ----A---- C:\WINDOWS\system32\drivers\aswRdr.sys
2012-02-06 02:56:27 ----A---- C:\WINDOWS\system32\drivers\aswNdis2.sys
2012-02-06 02:56:26 ----A---- C:\WINDOWS\system32\drivers\aswSnx.sys
2012-02-06 02:56:26 ----A---- C:\WINDOWS\system32\drivers\aswmon2.sys
2012-02-06 02:56:25 ----A---- C:\WINDOWS\system32\drivers\aswmon.sys
2012-02-06 02:56:25 ----A---- C:\WINDOWS\system32\drivers\aavmker4.sys
2012-02-06 02:55:36 ----A---- C:\WINDOWS\system32\drivers\aswNdis.sys
2012-02-06 02:55:36 ----A---- C:\WINDOWS\avastSS.scr
2012-02-06 02:55:35 ----A---- C:\WINDOWS\system32\aswBoot.exe
2012-02-06 02:55:02 ----D---- C:\Program Files\AVAST Software
2012-02-06 02:14:43 ----N---- C:\WINDOWS\system32\isutil.dll
2012-02-06 02:14:41 ----N---- C:\WINDOWS\apptune5.exe
2012-02-06 02:14:41 ----N---- C:\WINDOWS\apptune.ini
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\ZShp1005.dll
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\zpppcl.dll
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\vs1005.dll
2012-02-06 02:14:38 ----N---- C:\WINDOWS\system32\pcldll6l.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\ZUNINST.EXE
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\ZTAG32.DLL
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\ZSPOOL.DLL
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zpp.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zPJL.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zlmhp1.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\zlm.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\Zlang.dll
2012-02-06 02:14:37 ----N---- C:\WINDOWS\system32\hpflash1.exe
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\zstatus.exe
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\ZGDI32.DLL
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\SDhp1000.DLL
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\Sd32.dll
2012-02-06 02:14:36 ----N---- C:\WINDOWS\system32\IMF32.DLL
2012-02-06 02:14:32 ----D---- C:\Program Files\hp Laserjet 1005
2012-02-06 01:23:46 ----D---- C:\Documents and Settings\All Users\Data aplikací\AVAST Software
2012-02-06 00:33:57 ----D---- C:\MrpWin
2012-01-31 21:06:53 ----HDC---- C:\WINDOWS\$NtUninstallKB2585542$
2012-01-31 15:54:58 ----D---- C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\IllustrationStorage
2012-01-22 18:11:49 ----D---- C:\Documents and Settings\Ing.Kašpar Oldřich\Data aplikací\Zoner
2012-01-21 17:38:49 ----D---- C:\WINDOWS\system32\QuickTime
2012-01-21 17:13:09 ----D---- C:\Program Files\Canon
2012-01-11 15:29:35 ----HDC---- C:\WINDOWS\$NtUninstallKB2646524$
2012-01-11 15:29:20 ----HDC---- C:\WINDOWS\$NtUninstallKB2631813$
2012-01-11 15:29:05 ----HDC---- C:\WINDOWS\$NtUninstallKB2598479$
2012-01-11 15:28:46 ----HDC---- C:\WINDOWS\$NtUninstallKB2584146$
2012-01-11 14:44:21 ----HDC---- C:\WINDOWS\$NtUninstallKB2603381$

======List of files/folders modified in the last 1 month======

2012-02-09 21:20:42 ----D---- C:\WINDOWS\Temp
2012-02-09 21:07:34 ----D---- C:\WINDOWS\Prefetch
2012-02-09 21:04:39 ----A---- C:\WINDOWS\SchedLgU.Txt
2012-02-09 21:04:24 ----D---- C:\WINDOWS\system32\CatRoot2
2012-02-09 20:59:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2012-02-09 20:59:51 ----D---- C:\WINDOWS\system32
2012-02-09 20:59:43 ----SD---- C:\WINDOWS\Downloaded Program Files
2012-02-09 19:51:49 ----D---- C:\Config.Msi
2012-02-09 19:46:51 ----D---- C:\WINDOWS
2012-02-09 19:46:07 ----D---- C:\Program Files\Crawler
2012-02-09 19:12:25 ----SHD---- C:\WINDOWS\Installer
2012-02-09 19:12:25 ----RD---- C:\Program Files
2012-02-08 22:44:18 ----D---- C:\Program Files\Common Files
2012-02-08 22:44:11 ----D---- C:\Program Files\Mozilla Firefox
2012-02-08 22:44:00 ----D---- C:\Program Files\Privacy and Registry Cleaner
2012-02-08 22:43:36 ----HD---- C:\WINDOWS\inf
2012-02-08 22:43:36 ----D---- C:\WINDOWS\system32\drivers
2012-02-08 22:43:35 ----D---- C:\WINDOWS\WinSxS
2012-02-08 22:42:59 ----RSD---- C:\WINDOWS\Fonts
2012-02-08 22:42:59 ----HD---- C:\Program Files\InstallShield Installation Information
2012-02-08 20:49:21 ----D---- C:\Program Files\Java
2012-02-08 20:35:26 ----RASH---- C:\boot.ini
2012-02-08 20:35:26 ----A---- C:\WINDOWS\win.ini
2012-02-08 20:35:26 ----A---- C:\WINDOWS\system.ini
2012-02-08 20:35:25 ----D---- C:\WINDOWS\pss
2012-02-08 13:48:31 ----SD---- C:\WINDOWS\Tasks
2012-02-06 02:58:45 ----D---- C:\WINDOWS\system32\CatRoot
2012-02-06 02:51:39 ----D---- C:\MRPPRN
2012-02-06 00:49:49 ----D---- C:\WINDOWS\system32\config
2012-02-06 00:49:27 ----D---- C:\WINDOWS\system32\wbem
2012-02-06 00:49:26 ----D---- C:\WINDOWS\Registration
2012-02-06 00:46:24 ----D---- C:\Program Files\QuickTime
2012-02-06 00:45:49 ----D---- C:\Program Files\rajce
2012-01-31 20:19:52 ----D---- C:\MRP
2012-01-31 15:46:03 ----D---- C:\Data reloading
2012-01-31 14:49:53 ----HD---- C:\WINDOWS\$hf_mig$
2012-01-17 22:42:31 ----A---- C:\Autoexec.BAT
2012-01-12 18:31:54 ----D---- C:\WINDOWS\Debug
2012-01-12 17:11:20 ----D---- C:\WINDOWS\Microsoft.NET
2012-01-12 17:11:13 ----RSD---- C:\WINDOWS\assembly
2012-01-11 15:01:54 ----A---- C:\WINDOWS\system32\MRT.exe
2012-01-11 14:58:58 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswNdis;avast! Firewall NDIS Filter Service; C:\WINDOWS\system32\DRIVERS\aswNdis.sys [2011-11-28 12112]
R0 aswNdis2;avast! Firewall Core Firewall Service; C:\WINDOWS\system32\drivers\aswNdis2.sys [2011-11-28 195416]
R0 viaagp1;VIA AGP Filter; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [2003-07-01 27904]
R0 videX32;videX32; C:\WINDOWS\System32\DRIVERS\videX32.sys [2006-02-23 9728]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2009-07-13 91904]
R0 xfilt;VIA SATA IDE Hot-plug Driver; C:\WINDOWS\System32\DRIVERS\xfilt.sys [2006-02-23 11264]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2011-11-28 30808]
R1 AFS2K;AFS2k; C:\WINDOWS\system32\drivers\AFS2K.sys [2007-11-20 82380]
R1 aswFW;avast! TDI Firewall driver; C:\WINDOWS\system32\drivers\aswFW.sys [2011-11-28 111320]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2011-11-28 34392]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2011-11-28 435032]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2011-11-28 314456]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2011-11-28 52952]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2003-09-16 28688]
R1 incdrm;InCD EasyWrite Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2003-08-21 25520]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-14 40192]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2011-11-28 20568]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2011-11-28 111320]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\System32\DRIVERS\fetnd5b.sys [2004-04-15 42496]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 S3GIGP;S3GIGP; C:\WINDOWS\System32\DRIVERS\S3gIGPm.sys [2006-08-14 654848]
R3 usbuhci;Ovladač Microsoft univerzálního hostitelského řadiče USB od společnosti Microsoft; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2003-09-16 88800]
S3 CCDECODE;Dekodér Closed Caption; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 DCamUSBSTK03N;Standard_Camera; C:\WINDOWS\system32\DRIVERS\STK03NW2.sys [2009-12-18 108544]
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 grmnusb;grmnusb; C:\WINDOWS\system32\drivers\grmnusb.sys [2006-05-04 7296]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2010-02-26 18176]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2010-02-26 22528]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2010-02-26 8192]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-13 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2010-02-26 8192]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 Wdf01000;Kernel Mode Driver Frameworks service; C:\WINDOWS\System32\Drivers\wdf01000.sys [2009-07-14 444136]
S3 WSTCODEC;Dálnopisný kodek světového standardu; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2009-07-13 132224]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Ad-Aware 2007 Service; C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe [2012-02-09 587096]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2011-11-28 44768]
R2 avast! Firewall;avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [2011-11-28 127192]
R2 InCDsrv;InCD File System Service; C:\Program Files\Ahead\InCD\InCDsrv.exe [2003-09-16 798772]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2011-11-10 153376]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 aspnet_state;Stavová služba ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2008-02-21 800040]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-09-29 616448]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[Rudy]

Log již vapydá čistý. Nastala nějaká změna?

[Olin]

Změna je znát. Ale když přeskočím na nové okno musím čekat než počítač přestane pracovat. Viz u virů.cz -najedu na svůj dotaz, chci se přihlásit, objeví se přihlašovací okno ale nemohu hned psát uživatelské jméno a heslo, jelikož PC ještě poměrně dost dlouho pracuje. Nemůže to náhodou být nedostatkem volné paměti?
Děkuji.

[Rudy]

Je pravda, že paměti určitě není nadbytek. Zkuste Start>spustit>(napsat) msconfig>OK. Na záložkách služby a po spuštění zrušte zatržítka u těch položek, které nemusí startovat automaticky, tj u takových, které lze v případě potřeby spustit ručně.