nelze k síti, přibrždění, podobně jako předtím na NB, flashd

[audis]

zdravím, mohl by mi prosím někdo pomoci?

dostal jsem pracovní NB a flashdisk Sandisk Cruser s nějakým přídavným Sandiskáckým sw, který mě obtěžoval. Flashdisk jsem zformátoval, ale tento sw se na něm po čase objevil znova.

provoz NB pouze ve stavu nouze funguje. Provoz ve stavu nouze se sítí už ne a chybuje stejně jako při běžném spuštění Win Xp. Po logu XP modrá smrt.

Ve Stavu nouze jsem :
1) odebral ve Správci zařízení ovladače pro LAn a WLAN, registry, restart, Xpčka si samočiině načetla default ovladače, po restartu stále blblo. Ne vše šlo v tom Správci odebrat, občas u některých položek psalo, že jsou potřeba k běhu pc a že to nejde odebrat.
2) dále instaloval jsem ovladače chipset, lan a Wlan stažené z www asusu, beze změny. stále modrá smrt po startu.
3) instaloval jsem ovladače lan a Wlan ihned po odebrání těch předchozích v Správci, opět beze změny.

EDIT: TEN NOTAS SEM ŘEŠIL ZDE KRÁTCE http://forum.zive.cz/viewtopic.php?p=7566214#p7566214

služební flashdisk sjem včera zapojoval i do svého soukromého pc, abych mohl pracovat. ode dneška ale muj stolní počítač jaksi je celý přibržděny, nepřipojí se k netu, sítová karta nejde zakázat, odebrat, dialog "vypínání systému xp " trvá neuměrně dlouho (až mi dojde trpělivost a tvrdý reset).

Provedl jsem Obnovení systému na bod před dvěma dny, spravilo se to, chodí počítač normálně i s netem. ted mi probíhá test Avast. Flashdisk se bojím zapojovat, bojím se že roznáší nějakou havět.

přidávám log:
Logfile of random's system information tool 1.08 (written by random/random)
Run by ja at 2010-07-22 11:20:08
Systém Microsoft Windows XP Professional Service Pack 3
System drive C: has 70 GB (73%) free of 95 GB
Total RAM: 2813 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:20:46, on 22.7.2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
C:\Program Files\COMODO\COMODO Internet Security\cfp.exe
C:\hotkeyp\hotkeyp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~3\rapimgr.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\Java\jre6\bin\javaw.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\mspaint.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashSimp2.exe
C:\Program Files\Alwil Software\Avast4\ashSimp2.exe
E:\zzzSEM\RSIT.exe
C:\Program Files\trend micro\ja.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ct24.cz/vysilani/?streamtype=WM2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [pdfFactory Pro Dispatcher v2] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" /source=HKLM
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
O4 - HKCU\..\Run: [HotkeyP] C:\hotkeyp\hotkeyp.exe 0
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Startup: SpeedFan.lnk = C:\Program Files\SpeedFan\speedfan.exe
O4 - Startup: Zástupce - JDownloader.exe.lnk = E:\zzzSEM\JDownloader 0.9.310\JDownloader.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Vytvořit mobilní oblíbenou položku… - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
O23 - Service: ES lite Service for program management. (ES lite Service) - Unknown owner - C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Jserver SMS service (Jserver) - Unknown owner - C:\Documents and Settings\ja\Plocha\jserver\wrapper.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 10596 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\User_Feed_Synchronization-{D250893F-A4AB-483A-B013-C92158920C0B}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\WINDOWS\WebIE.dll [2009-08-09 491520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-04-12 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-04-12 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\WINDOWS\WebIE.dll [2009-08-09 491520]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2009-01-13 18084864]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-11-25 81000]
"VirtualCloneDrive"=C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [2006-04-29 94208]
"ISUSScheduler"=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-02-16 81920]
"LogMeIn GUI"=C:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2008-07-24 63048]
"BluetoothAuthenticationAgent"=bthprops.cpl,,BluetoothAuthenticationAgent []
"StartCCC"=C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2009-05-20 98304]
"pdfFactory Pro Dispatcher v2"=C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe [2005-11-24 491520]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"iKeyWorks"=C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe [2006-04-09 61440]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2009-06-17 55824]
"COMODO Internet Security"=C:\Program Files\COMODO\COMODO Internet Security\cfp.exe [2010-01-29 1800464]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"=C:\hotkeyp\hotkeyp.exe [2005-03-15 26624]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\wcescomm.exe [2006-11-13 1289000]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe [2008-02-20 356352]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Documents and Settings\ja\Nabídka Start\Programy\Po spuštění
SpeedFan.lnk - C:\Program Files\SpeedFan\speedfan.exe
Zástupce - JDownloader.exe.lnk - E:\zzzSEM\JDownloader 0.9.310\JDownloader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" C:\WINDOWS\system32\guard32.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2009-05-16 155648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2009-07-20 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LMIinit]
C:\WINDOWS\system32\LMIinit.dll [2010-06-09 87424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-26 190976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoResolveTrack"=1
"NoResolveSearch"=1
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\Java\jre6\bin\javaw.exe"="C:\Program Files\Java\jre6\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"
"c:\program files\relevantknowledge\rlvknlg.exe"="c:\program files\relevantknowledge\rlvknlg.exe:*:Enabled:rlvknlg.exe"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"

======List of files/folders created in the last 1 months======

2010-07-22 11:20:08 ----D---- C:\rsit
2010-07-21 14:07:08 ----D---- C:\Documents and Settings\ja\Data aplikací\Download Manager
2010-07-17 00:15:06 ----SHD---- C:\Config.Msi
2010-07-17 00:14:48 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

======List of files/folders modified in the last 1 months======

2010-07-22 11:20:14 ----D---- C:\Program Files\trend micro
2010-07-22 11:02:28 ----D---- C:\WINDOWS
2010-07-22 11:02:28 ----A---- C:\WINDOWS\MAILTRAN.INI
2010-07-22 11:01:20 ----D---- C:\Program Files\Mozilla Firefox
2010-07-22 10:58:22 ----D---- C:\WINDOWS\Temp
2010-07-22 10:56:12 ----D---- C:\Program Files\SpeedFan
2010-07-22 10:55:02 ----D---- C:\WINDOWS\system32\CatRoot2
2010-07-22 10:53:03 ----D---- C:\WINDOWS\system32\config
2010-07-22 10:52:46 ----D---- C:\WINDOWS\system32\wbem
2010-07-22 10:52:45 ----D---- C:\WINDOWS\Registration
2010-07-22 10:52:32 ----HD---- C:\WINDOWS\inf
2010-07-22 10:52:09 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-07-22 10:51:57 ----D---- C:\WINDOWS\system32\Restore
2010-07-22 10:11:01 ----D---- C:\WINDOWS\Prefetch
2010-07-22 01:33:16 ----D---- C:\Program Files\LogMeIn
2010-07-22 01:23:57 ----D---- C:\Documents and Settings\ja\Data aplikací\Skype
2010-07-21 22:39:31 ----D---- C:\Program Files\EurotelSMS
2010-07-20 14:34:11 ----SHD---- C:\WINDOWS\Installer
2010-07-18 21:02:08 ----A---- C:\WINDOWS\wincmd.ini
2010-07-18 17:45:38 ----A---- C:\WINDOWS\wcx_ftp.ini
2010-07-18 12:56:20 ----A---- C:\WINDOWS\WDICT32.INI
2010-07-17 00:14:51 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-07-17 00:14:50 ----D---- C:\WINDOWS\system32
2010-07-17 00:14:30 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-17 00:14:21 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-07-11 20:51:38 ----RSD---- C:\WINDOWS\Fonts
2010-07-10 11:14:32 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-02 21:39:05 ----A---- C:\WINDOWS\system32\MRT.exe
2010-06-26 22:34:36 ----AD---- C:\Documents and Settings\All Users\Data aplikací\TEMP
2010-06-26 22:33:06 ----D---- C:\Documents and Settings\ja\Data aplikací\MyPhoneExplorer
2010-06-23 23:39:27 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-23 23:39:25 ----RSD---- C:\WINDOWS\assembly
2010-06-23 22:31:36 ----D---- C:\WINDOWS\WinSxS
2010-06-23 19:29:50 ----D---- C:\Program Files\DreamCom

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 ahcix86;ahcix86; C:\WINDOWS\system32\DRIVERS\ahcix86.sys [2008-10-13 184848]
R0 giveio;giveio; C:\WINDOWS\system32\giveio.sys [1996-04-03 5248]
R0 Inspect;COMODO Internet Security Firewall Driver; C:\WINDOWS\System32\DRIVERS\inspect.sys [2010-01-29 87104]
R0 ohci1394;Hostitelský řadič IEEE 1394 dle standardu OHCI Texas Instruments; C:\WINDOWS\system32\DRIVERS\ohci1394.sys [2008-04-14 61696]
R0 speedfan;speedfan; C:\WINDOWS\system32\speedfan.sys [2006-09-24 5248]
R0 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2008-01-18 77696]
R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2009-11-25 27408]
R1 AmdPPM;Ovladač procesoru HwPState AMD; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys [2007-04-16 33792]
R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2009-11-25 114768]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2009-11-25 48560]
R1 cmdGuard;COMODO Internet Security Sandbox Driver; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [2010-02-05 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver; C:\WINDOWS\System32\DRIVERS\cmdhlp.sys [2010-01-29 25160]
R1 ElbyCDIO;ElbyCDIO Driver; C:\WINDOWS\System32\Drivers\ElbyCDIO.sys [2007-08-07 25160]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2007-05-24 64000]
R1 VClone;VClone; C:\WINDOWS\system32\DRIVERS\VClone.sys [2007-06-16 31616]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-11-25 20560]
R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2009-11-25 94160]
R2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys [2008-09-26 10384]
R2 LMIInfo;LogMeIn Kernel Information Provider; \??\C:\Program Files\LogMeIn\x86\RaInfo.sys []
R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\WINDOWS\system32\drivers\LMIRfsDriver.sys []
R2 NwlnkIpx;Transportní protokol kompatibilní s NWLink IPX/SPX/NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys [2008-04-14 88320]
R2 NwlnkNb;Služba NWLink pro rozhraní NetBIOS; C:\WINDOWS\system32\DRIVERS\nwlnknb.sys [2001-10-25 63232]
R2 NwlnkSpx;Protokol NWLink SPX/SPXII; C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys [2001-10-25 55936]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver; C:\WINDOWS\system32\DRIVERS\thdudf.sys [2009-09-03 66944]
R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2009-11-25 23120]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2009-05-16 4069888]
R3 ElbyDelay;ElbyDelay; C:\WINDOWS\System32\Drivers\ElbyDelay.sys [2007-02-16 11984]
R3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2009-01-20 5027840]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2009-06-17 35472]
R3 lmimirr;lmimirr; C:\WINDOWS\system32\DRIVERS\lmimirr.sys [2008-07-24 10144]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2009-06-17 37392]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-10-25 5888]
R3 RTHDMIAzAudService;Service for HDMI; C:\WINDOWS\system32\drivers\RtKHDMI.sys [2008-12-25 3721664]
R3 RTLE8023xp;Realtek 10/100/1000 PCI-E NIC Family NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys [2009-03-27 130816]
R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 AODDriver;AODDriver; \??\C:\Program Files\GIGABYTE\ET6\i386\AODDriver.sys []
S3 Arp1394;Protokol 1394 ARP Client; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
S3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys []
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
S3 BTHMODEM;Ovladač pro sériovou komunikaci protokolem Bluetooth; C:\WINDOWS\system32\DRIVERS\bthmodem.sys [2008-04-14 37888]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
S3 BTHPORT;Ovladač portu Bluetooth; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-14 272128]
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 btwmodem;Bluetooth Modem; C:\WINDOWS\system32\DRIVERS\btwmodem.sys [2004-11-29 30125]
S3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys []
S3 etdrv;etdrv; \??\C:\WINDOWS\etdrv.sys []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-12-18 20240]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2008-12-18 28816]
S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
S3 s616bus;Sony Ericsson Device 616 driver (WDM); C:\WINDOWS\system32\DRIVERS\s616bus.sys [2007-04-03 83208]
S3 s616mdfl;Sony Ericsson Device 616 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s616mdfl.sys [2007-04-03 15112]
S3 s616mdm;Sony Ericsson Device 616 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s616mdm.sys [2007-04-03 108680]
S3 s616mgmt;Sony Ericsson Device 616 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s616mgmt.sys [2007-04-03 100360]
S3 s616nd5;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (NDIS); C:\WINDOWS\system32\DRIVERS\s616nd5.sys [2007-04-03 23176]
S3 s616obex;Sony Ericsson Device 616 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s616obex.sys [2007-04-03 98568]
S3 s616unic;Sony Ericsson Device 616 USB Ethernet Emulation SEMC616 (WDM); C:\WINDOWS\system32\DRIVERS\s616unic.sys [2007-04-03 99080]
S3 s916bus;Sony Ericsson Device 916 driver (WDM); C:\WINDOWS\system32\DRIVERS\s916bus.sys [2007-11-02 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\s916mdfl.sys [2007-11-02 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\s916mdm.sys [2007-11-02 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\s916mgmt.sys [2007-11-02 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\s916obex.sys [2007-11-02 100008]
S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-24 113920]
S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
S3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-06-11 41856]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usb_rndisx;Adaptér USB RNDIS; C:\WINDOWS\system32\DRIVERS\usb8023x.sys [2008-04-14 12800]
S3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2006-11-06 28672]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2008-01-18 83328]
S4 LMIRfsClientNP;LMIRfsClientNP; C:\WINDOWS\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-11-25 18752]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2009-05-16 602112]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-11-25 138680]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 cmdAgent;COMODO Internet Security Helper Service; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [2010-01-29 723632]
R2 ES lite Service;ES lite Service for program management.; C:\Program Files\Gigabyte\EasySaver\ESSVR.EXE [2009-03-02 68136]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-04-12 153376]
R2 LMIMaint;LogMeIn Maintenance Service; C:\Program Files\LogMeIn\x86\RaMaint.exe [2010-06-09 116104]
R2 LogMeIn;LogMeIn; C:\Program Files\LogMeIn\x86\LogMeIn.exe [2008-07-24 63040]
R2 NwSapAgent;Agent SAP; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2009-08-19 75064]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-11-25 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-11-25 352920]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2009-05-15 593920]
S2 Jserver;Jserver SMS service; C:\Documents and Settings\ja\Plocha\jserver\wrapper.exe -s C:\Documents and Settings\ja\Plocha\jserver\service\wrapper.conf []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-07-20 121360]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2010-01-26 652800]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------


1) je počítač čistý?
2) jak ten flashdisk naformátovat? bojím se ho někam připojovat. je možné, že roznáší havět, která ovlivnuje a blokuje funkce sítových karet a připojení? RESP. EXISTUJÍ TAKOVÉ TYPY HAVĚTÍ a já se po zkušenostech s NB (tam nejdříve nešla wifi a pak už jen Stav noue šel) a osobním pc ubírám správným směrem?
děkuji za rady.

[audis]

našel jsem tohle s podobným problémem http://www.viry.cz/forum/viewtopic.php?t=52659 , že mnoho antivirů nepomohlo.

[audis]

Avast našel dva viry. jeden vir ve své složce v program files v složce MOVED a druhý nějaký trojan v pagefiles.sys. oba jsem smazal.

[motji]

Hezké odpoledne
Tohle je stolní pc - ten Váš?

Stáhněte na plochu, ukončete všechna aktivní okna a spusťte ComboFix - http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-souhlaste s instalací konzole pro zotavení

- ComboFix je třeba spustit pod účtem s právy administrátora

- Před použitím vypněte všechny rezidentní bezpečnostní programy - antiviry, firewally, antispywary

- Po spuštění se zobrazí podmínky užití, potvrďte je stiskem tlačítka Ano

- Dále postupujte dle pokynů, během aplikování ComboFixu neklikejte do zobrazujícího se okna

- Po dokončení skenování, trvajícího maximálně 10 minut, by měl program vytvořit log - C:\ComboFix.txt, zkopírujte celý jeho obsah sem

[audis]

Avastem jsem testoval flasdisk na třetím počítači, havět žádná nenalezena.

EDIT:
mám tři počítače:
1) služební notebook, který blbnul při připijení s wifi a občas odmítal spustit XPčka, nyní lze spustit jen ve Stavu nouze, při Stavu nouze se sítí a při Poslední známé funkční konfiguraci a při Spustit běžným zpusobem, po logu WIn XP problikne modrá smrt a restartuje se.
modra smrt a její pruběh píše:

modrá smrt průběh při startu:
http://dataport.cz/file/173178/VIDEO0005.mp4

2) soukromý stolní počítač, jehož problémy začaly dnes ráno, od něj pochází log z prvního příspěvku, na něm ted běží combofix, včera jsem s ním nic nedělal, jen prohlížel obvyklé www a používal na něm služební flasdisk abych mohl pracovat s daty z NB. právě tento pc chci vyčistit ted!

3) starý soukromý počítač, ze kterého ted píšu.

log z Combofixu dodám hned jak to doběhne.

[audis]

zdravím, děkuji za rekaci!

Combofix na soukromém pc (2) doběhl.
ComboFix 10-07-21.02 - ja 22.07.2010 12:51:22.4.2 - x86
Systém Microsoft Windows XP Professional 5.1.2600.3.1250.420.1029.18.2813.1971 [GMT 2:00]
Spuštěný z: e:\zzzsem\ComboFix.exe
AV: avast! antivirus 4.8.1368 [VPS 100722-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: COMODO Firewall *enabled* {043803A3-4F86-4ef6-AFC5-F6E02A79969B}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\ja\LOCALS~1\Temp\sfamcc00001.dll
c:\docume~1\ja\LOCALS~1\Temp\sfareca00001.dll
c:\documents and settings\ja\Dokumenty\cc_20100722_102014.reg
c:\documents and settings\ja\Local Settings\temp\sfamcc00001.dll
c:\documents and settings\ja\Local Settings\temp\sfareca00001.dll
c:\program files\RelevantKnowledge
c:\program files\RelevantKnowledge\MSVCP71.DLL
c:\program files\RelevantKnowledge\MSVCR71.DLL
c:\program files\RelevantKnowledge\rlservice.exe
c:\program files\RelevantKnowledge\rlvknlg.exe
c:\windows\system32\vbzlib1.dll

.
((((((((((((((((((((((((( Soubory vytvořené od 2010-06-22 do 2010-07-22 )))))))))))))))))))))))))))))))
.

2010-07-22 09:20 . 2010-07-22 09:20 -------- d-----w- C:\rsit
2010-07-22 08:52 . 2010-07-22 08:52 -------- d-----w- c:\windows\system32\wbem\Repository

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-07-22 11:07 . 2009-06-27 18:01 -------- d-----w- c:\program files\SpeedFan
2010-07-22 11:04 . 2009-06-27 14:53 17488 ----a-w- c:\windows\gdrv.sys
2010-07-22 09:20 . 2009-09-12 21:40 -------- d-----w- c:\program files\trend micro
2010-07-21 23:33 . 2009-07-03 03:31 -------- d-----w- c:\program files\LogMeIn
2010-07-21 23:32 . 2010-07-22 08:14 209042 ----a-w- c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1029.dat
2010-07-21 20:39 . 2009-06-27 17:18 -------- d-----w- c:\program files\EurotelSMS
2010-07-10 09:14 . 2001-10-25 12:00 79266 ----a-w- c:\windows\system32\perfc005.dat
2010-07-10 09:14 . 2001-10-25 12:00 432334 ----a-w- c:\windows\system32\perfh005.dat
2010-06-23 17:29 . 2010-03-27 12:04 -------- d-----w- c:\program files\DreamCom
2010-06-14 14:31 . 2009-06-27 14:28 744448 ----a-w- c:\windows\pchealth\helpctr\binaries\helpsvc.exe
2010-06-12 19:00 . 2009-12-19 12:11 -------- d-----w- c:\program files\Microsoft.NET
2010-06-12 09:20 . 2009-06-27 16:31 -------- d--h--w- c:\program files\InstallShield Installation Information
2010-06-10 07:17 . 2010-02-21 19:57 -------- d-----w- c:\program files\Microsoft Silverlight
2010-06-09 18:10 . 2009-10-01 22:22 83360 ----a-w- c:\windows\system32\LMIRfsClientNP.dll
2010-06-09 18:10 . 2009-07-03 03:32 29568 ----a-w- c:\windows\system32\LMIport.dll
2010-06-09 18:10 . 2009-07-03 03:31 87424 ----a-w- c:\windows\system32\LMIinit.dll
2010-06-06 10:47 . 2009-10-17 15:57 -------- d-----w- c:\program files\CeRegEditor
2010-06-06 09:04 . 2009-06-27 17:54 -------- d-----w- c:\program files\Microsoft ActiveSync
2010-06-05 12:19 . 2010-03-24 18:43 -------- d-----w- c:\program files\Nokia
2010-06-02 19:14 . 2009-07-18 19:23 1324 ----a-w- c:\windows\system32\d3d9caps.dat
2010-05-06 10:35 . 2008-04-14 06:52 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-02 08:09 . 2008-04-14 05:45 1851264 ----a-w- c:\windows\system32\win32k.sys
2009-09-13 18:47 . 2009-09-13 18:47 0 --sh--w- c:\windows\S1A691543.tmp
2006-05-03 10:06 . 2009-08-29 08:44 163328 --sh--r- c:\windows\system32\flvDX.dll
2007-02-21 11:47 . 2009-08-29 08:44 31232 --sh--r- c:\windows\system32\msfDX.dll
2008-03-16 13:30 . 2009-08-29 08:44 216064 --sh--r- c:\windows\system32\nbDX.dll
.

------- Sigcheck -------

[-] 2009-06-26 . 9B32472F5EBDC7BC4E1483BF8DCC0B9C . 1571840 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll
.
(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyP"="c:\hotkeyp\hotkeyp.exe" [2005-03-15 26624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2009-01-13 18084864]
"avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-11-24 81000]
"VirtualCloneDrive"="c:\program files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2006-04-29 94208]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-02-16 81920]
"LogMeIn GUI"="c:\program files\LogMeIn\x86\LogMeInSystray.exe" [2008-07-24 63048]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-05-20 98304]
"pdfFactory Pro Dispatcher v2"="c:\windows\System32\spool\DRIVERS\W32X86\3\fppdis2a.exe" [2005-11-24 491520]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"iKeyWorks"="c:\progra~1\A4Tech\Keyboard\Ikeymain.exe" [2006-04-09 61440]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2009-06-17 55824]
"COMODO Internet Security"="c:\program files\COMODO\COMODO Internet Security\cfp.exe" [2010-01-29 1800464]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="advpack.dll" [2009-03-08 128512]

c:\documents and settings\ja\Nabˇdka Start\Programy\Po spuçtŘnˇ\
SpeedFan.lnk - c:\program files\SpeedFan\speedfan.exe [2009-4-22 3921528]
Z stupce - JDownloader.exe.lnk - e:\zzzsem\JDownloader 0.9.310\JDownloader.exe [2009-11-1 214528]

c:\documents and settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
Bluetooth Manager.lnk - c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-5-22 2756608]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2009-6-28 813584]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2009-07-20 11:28 72208 ----a-w- c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2010-06-09 18:10 87424 ----a-w- c:\windows\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\guard32.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
2008-02-20 15:19 356352 ----a-w- c:\program files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\Java\\jre6\\bin\\javaw.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service

R0 ahcix86;ahcix86;c:\windows\system32\drivers\ahcix86.sys [26.6.2009 21:05 184848]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [27.6.2009 19:16 114768]
R1 cmdGuard;COMODO Internet Security Sandbox Driver;c:\windows\system32\drivers\cmdguard.sys [27.6.2009 20:11 134344]
R1 cmdHlp;COMODO Internet Security Helper Driver;c:\windows\system32\drivers\cmdhlp.sys [27.6.2009 20:11 25160]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [27.6.2009 19:16 20560]
R2 ES lite Service;ES lite Service for program management.;c:\program files\Gigabyte\EasySaver\essvr.exe [3.7.2009 23:19 68136]
R2 LBeepKE;LBeepKE;c:\windows\system32\drivers\LBeepKE.sys [27.6.2009 19:43 10384]
R2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files\LogMeIn\x86\rainfo.sys [24.7.2008 18:46 12856]
R2 thdudf;TOSHIBA UDF2.5 Reader File System Driver;c:\windows\system32\drivers\thdudf.sys [3.9.2009 17:57 66944]
S2 Jserver;Jserver SMS service;"c:\documents and settings\ja\Plocha\jserver\wrapper.exe" -s "c:\documents and settings\ja\Plocha\jserver\service\wrapper.conf" --> c:\documents and settings\ja\Plocha\jserver\wrapper.exe [?]
S3 AODDriver;AODDriver;\??\c:\program files\GIGABYTE\ET6\i386\AODDriver.sys --> c:\program files\GIGABYTE\ET6\i386\AODDriver.sys [?]
S3 etdrv;etdrv;c:\windows\etdrv.sys [24.11.2009 21:50 17488]
S3 s916bus;Sony Ericsson Device 916 driver (WDM);c:\windows\system32\drivers\s916bus.sys [23.8.2009 21:39 83496]
S3 s916mdfl;Sony Ericsson Device 916 USB WMC Modem Filter;c:\windows\system32\drivers\s916mdfl.sys [23.8.2009 21:41 15016]
S3 s916mdm;Sony Ericsson Device 916 USB WMC Modem Driver;c:\windows\system32\drivers\s916mdm.sys [23.8.2009 21:41 109992]
S3 s916mgmt;Sony Ericsson Device 916 USB WMC Device Management Drivers (WDM);c:\windows\system32\drivers\s916mgmt.sys [23.8.2009 21:44 103976]
S3 s916obex;Sony Ericsson Device 916 USB WMC OBEX Interface;c:\windows\system32\drivers\s916obex.sys [23.8.2009 21:42 100008]
S3 TVICHW32;TVICHW32;c:\windows\system32\drivers\TVICHW32.SYS [3.7.2009 16:07 23600]
.
Obsah adresáře 'Naplánované úlohy'

2010-07-22 c:\windows\Tasks\User_Feed_Synchronization-{D250893F-A4AB-483A-B013-C92158920C0B}.job
- c:\windows\system32\msfeedssync.exe [2009-03-08 02:31]
.
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.ct24.cz/vysilani/?streamtype=WM2
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xportovat do aplikace Microsoft Office Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: {{7E6A20FB-153F-402c-A84B-1A64E1955D3D} - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748449} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748450} - {CC963627-B1DC-40E0-B52A-CF21EE748450} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748451} - {CC963627-B1DC-40E0-B52A-CF21EE748451} - c:\windows\WebIE.dll
IE: {{CC963627-B1DC-40E0-B52A-CF21EE748452} - {CC963627-B1DC-40E0-B52A-CF21EE748452} - c:\windows\WebIE.dll
FF - ProfilePath - c:\documents and settings\ja\Data aplikací\Mozilla\Firefox\Profiles\8rlu7ugy.default\
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npPDFXCviewNPPlugin.dll
FF - plugin: c:\program files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.
- - - - NEPLATNÉ POLOŽKY ODSTRANĚNÉ Z REGISTRU - - - -

MSConfigStartUp-Adobe Reader Speed Launcher - c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe
AddRemove-Gibo SMS - c:\program files\Gibo SMS\Plugins\Gibo SMS\Uninstall.exe
AddRemove-{d08d9f98-1c78-4704-87e6-368b0023d831} - c:\program files\relevantknowledge\rlvknlg.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-07-22 13:06
Windows 5.1.2600 Service Pack 3 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(800)
c:\windows\system32\Ati2evxx.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\windows\system32\LMIinit.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\windows\system32\LMIRfsClientNP.dll

- - - - - - - > 'explorer.exe'(2872)
c:\program files\Logitech\SetPoint\lgscroll.dll
c:\windows\system32\LMIRfsClientNP.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Jiné spuštené procesy ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\Alwil Software\Avast4\aswUpdSv.exe
c:\program files\Alwil Software\Avast4\ashServ.exe
c:\windows\RTHDCPL.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\rundll32.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\program files\Microsoft ActiveSync\wcescomm.exe
c:\progra~1\MICROS~3\rapimgr.exe
c:\program files\LogMeIn\x86\RaMaint.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\program files\Java\jre6\bin\javaw.exe
c:\program files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
c:\program files\LogMeIn\x86\LogMeIn.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\program files\LogMeIn\x86\LMIGuardian.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
c:\program files\Alwil Software\Avast4\ashMaiSv.exe
c:\program files\Alwil Software\Avast4\ashWebSv.exe
c:\windows\system32\wbem\wmiapsrv.exe
.
**************************************************************************
.
Celkový čas: 2010-07-22 13:09:38 - počítač byl restartován
ComboFix-quarantined-files.txt 2010-07-22 11:09

Před spuštěním: Volných bajtů: 76 807 319 552
Po spuštění: Volných bajtů: 78 032 470 016

WindowsXP-KB310994-SP2-Pro-BootDisk-CSY.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

- - End Of File - - 631869474EBC64EAF653E252EF819312

[motji]

Služební notebook přeinstalujete, nebo mám poprosit kolegu, ať na to mrkne? Tak může být chyba od pamětí a ž po vaadné ovladače, tohle já neposoudím.

U Vašeho pc by ted měl být vypnut autorun. Připojte flashdisk a spustíme na to jeden prográmek.

Použijte USB fix
http://www.viry.cz/forum/viewtopic.php?f=24&t=102308


Před stažením vypněte rezidentní štít antiviru, má na Usbfix falešnou detekci
-spusťte
-klikněte na volbudeletion , potvrdte enter
- po skenu sem vložte log , pokud na Vás nevyskočí, najdete ho C:\UsbFix.txt

[audis]

pomocí inetcpl.cpl jsem autorun (=na svém pc) již zakázal. mám i přesto použít Usbfix?

nikoho nevolejte, pracovní notas hodím do práce, at to nějak pořeší oni. ale děkuju za nabídku.

[motji]

Ano, USBfix nevypíná autorun, ale skenuje a odstranuje případnou nákazu.

[audis]

provedeno.

jestě bych rád doplnil, že flashdisk Sandisk crueser, s tou utilitou na ovladaní a zalohování, která mně otravovala a chtěl jsem ho zformátovat, aby byl prázdný a neotravoval, tak se projevuje po připojení k pc tak, že zasunu do zdířky, XP načtou a třeba zobrazí obsah složky, za dvě sekundy se jakoby zase odpojí a pak se znova nacte už s tou utilitou.

postupoval jsem tak, na výzvu programu Usbfix jsem flashdisk zapojil, (nějak probehlo a neproběhlo ono kolečko odpojit a zapojit) a o víc se nestaral, protože nevím jak nebo zda má vliv na test.

############################## | UsbFix 7.017 | [Deletion]

User: ja (Administrator) # MUJCERNY [ ]
Updated 22/07/10 by El Desaparecido / C_XX
Started at 01:04:59 | 23/07/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: AMD Phenom(tm) II X2 550 Processor
CPU 2: AMD Phenom(tm) II X2 550 Processor
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Disabled /!\
Antivirus: avast! antivirus 4.8.1368 [VPS 100722-1] 4.8.1368 [(!) Disabled | Updated]
Firewall: COMODO Firewall 3.9 [Enabled]
RAM -> 2813 Mb
C:\ (%systemdrive%) -> Fixed drive # 93 Gb (72 Mb free - 78%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 839 Gb (54 Mb free - 6%) [DATA] # NTFS
F:\ -> CD-ROM
G:\ -> CD-ROM

################## | Files # Infected Folders |


################## | Registry |

Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System|DisableRegistryTools
Deleted ! HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoDrives
Deleted ! HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\explorer|NoResolveSearch

################## | Mountpoints2 |


################## | Listing |

[03/07/2009 - 05:31:54 | A | 1024] C:\.rnd
[18/07/2009 - 21:24:14 | D ] C:\ATI
[19/12/2009 - 13:54:10 | A | 192] C:\BcBtRmv.log
[16/08/2009 - 11:05:54 | D ] C:\BMW M3 Challenge
[13/09/2009 - 11:33:03 | A | 293] C:\Boot.bak
[22/07/2010 - 12:50:09 | RASH | 293] C:\boot.ini
[25/10/2001 - 14:00:00 | RASH | 4952] C:\Bootfont.bin
[28/06/2009 - 20:11:35 | D ] C:\CanonMF
[22/07/2010 - 12:50:09 | RASHD ] C:\cmdcons
[03/08/2004 - 23:00:04 | A | 261312] C:\cmldr
[22/07/2010 - 13:09:38 | A | 15445] C:\ComboFix.txt
[17/07/2010 - 10:45:28 | D ] C:\Config.Msi
[27/06/2009 - 16:31:06 | A | 0] C:\CONFIG.SYS
[28/06/2009 - 00:06:32 | A | 10] C:\csb.log
[02/01/2010 - 11:53:04 | D ] C:\Documents and Settings
[05/08/2009 - 07:29:59 | D ] C:\Garmin
[22/07/2010 - 13:03:41 | ASH | 2950156288] C:\hiberfil.sys
[28/06/2009 - 00:09:33 | D ] C:\hotkeyp
[27/06/2009 - 16:31:06 | RASH | 0] C:\IO.SYS
[27/06/2009 - 16:31:06 | RASH | 0] C:\MSDOS.SYS
[13/04/2008 - 22:13:04 | RASH | 47564] C:\NTDETECT.COM
[14/04/2008 - 00:01:48 | RASH | 250576] C:\ntldr
[08/11/2009 - 22:24:28 | A | 26263] C:\profiler.txt
[22/07/2010 - 13:01:00 | D ] C:\Program Files
[22/07/2010 - 13:09:43 | D ] C:\Qoobox
[23/07/2010 - 01:07:24 | SHD ] C:\RECYCLER
[22/07/2010 - 11:20:49 | D ] C:\rsit
[22/07/2010 - 13:08:59 | A | 203] C:\service.log
[14/09/2009 - 20:19:54 | SHD ] C:\System Volume Information
[29/11/2009 - 00:14:34 | A | 3] C:\TCPCheckResult.txt
[03/04/2010 - 20:37:48 | D ] C:\totalcmd
[04/09/2009 - 19:12:50 | D ] C:\TRANSLAT
[23/07/2010 - 01:07:24 | D ] C:\UsbFix
[23/07/2010 - 01:07:27 | A | 1279] C:\UsbFix.txt
[23/07/2010 - 01:05:19 | D ] C:\WINDOWS
[27/06/2009 - 22:32:30 | D ] E:\+++Hudbaaaaa
[18/04/2010 - 22:57:40 | D ] E:\++Filmyyyyy
[31/05/2010 - 20:31:01 | D ] E:\Auta
[29/06/2010 - 20:16:57 | D ] E:\CZU škola moje
[30/05/2010 - 14:06:18 | D ] E:\Dejvid II 480x272
[07/07/2010 - 17:31:55 | D ] E:\Fotky
[19/06/2010 - 17:00:20 | D ] E:\HTC
[27/06/2009 - 22:46:23 | D ] E:\INCINERATE
[28/08/2009 - 12:15:23 | AD ] E:\Ja
[27/06/2009 - 22:57:45 | D ] E:\Moje weby
[27/06/2009 - 23:00:11 | D ] E:\Obrazky, Foto, videa
[11/07/2010 - 19:47:45 | D ] E:\Ostatni
[18/07/2010 - 16:27:38 | D ] E:\PETA
[22/12/2009 - 21:47:50 | D ] E:\pouzivane programy
[23/07/2010 - 01:07:24 | SHD ] E:\RECYCLER
[14/02/2010 - 17:14:50 | D ] E:\Soft
[17/04/2010 - 15:23:45 | SHD ] E:\System Volume Information
[19/06/2010 - 17:01:59 | H | 52118] E:\treeinfo.wc
[16/05/2010 - 14:14:37 | D ] E:\Zaloha dat pro system
[05/05/2010 - 23:09:59 | D ] E:\Zamestnani
[22/07/2010 - 19:44:54 | D ] E:\zzzSEM
[18/07/2010 - 21:02:16 | D ] E:\zzzzz filmy skouknout
[07/03/2010 - 12:01:49 | D ] E:\zzzzz porno

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | E.O.F |

[motji]

E je ten flashdisk?
Já na něm nic nevidím . Zkuste se zeptat kolegů v práci, ejstli s tím programem u flashdisku měl také někdo problémy.

Nechte flashdisk zapojený a použijte AVPTool.


Stahněte z mého podpisu AVPTOOl http://www.viry.cz/forum/viewtopic.php?f=29&t=58179

-Podle návodu nainstalujte a proveďte sken
-co najde nechejte léčit, mazat
-sken může trvat několik hodin
-vložte zde log z výsledky

[audis]

ne, E:\ je hardisk v počítači, trvale.

flasdisk prve byly asi disky G a H.
=======
test ještě jednou. flasdisk nyní byly disky G a H.

edit: pracuji na AVPtool. ..
############################## | UsbFix 7.017 | [Deletion]

User: ja (Administrator) # MUJCERNY [ ]
Updated 22/07/10 by El Desaparecido / C_XX
Started at 08:57:37 | 23/07/2010
Website: http://pagesperso-orange.fr/NosTools/index.html
Contact: FindyKill.Contact@gmail.com

CPU: AMD Phenom(tm) II X2 550 Processor
CPU 2: AMD Phenom(tm) II X2 550 Processor
Systém Microsoft Windows XP Professional (5.1.2600 32-Bit) # Service Pack 3
Internet Explorer 8.0.6001.18702

Windows Firewall: Disabled /!\
Antivirus: avast! antivirus 4.8.1368 [VPS 100722-1] 4.8.1368 [(!) Disabled | Updated]
Firewall: COMODO Firewall 3.9 [(!) Disabled]
RAM -> 2813 Mb
C:\ (%systemdrive%) -> Fixed drive # 93 Gb (72 Mb free - 78%) [] # NTFS
D:\ -> CD-ROM
E:\ -> Fixed drive # 839 Gb (54 Mb free - 6%) [DATA] # NTFS
F:\ -> CD-ROM
G:\ -> CD-ROM
H:\ -> Removable drive # 7 Gb (7 Mb free - 91%) [] # FAT32

################## | Files # Infected Folders |


################## | Registry |


################## | Mountpoints2 |


################## | Listing |

[03/07/2009 - 05:31:54 | A | 1024] C:\.rnd
[18/07/2009 - 21:24:14 | D ] C:\ATI
[23/07/2010 - 01:07:27 | RASHD ] C:\Autorun.inf
[19/12/2009 - 13:54:10 | A | 192] C:\BcBtRmv.log
[16/08/2009 - 11:05:54 | D ] C:\BMW M3 Challenge
[13/09/2009 - 11:33:03 | A | 293] C:\Boot.bak
[22/07/2010 - 12:50:09 | RASH | 293] C:\boot.ini
[25/10/2001 - 14:00:00 | RASH | 4952] C:\Bootfont.bin
[28/06/2009 - 20:11:35 | D ] C:\CanonMF
[22/07/2010 - 12:50:09 | RASHD ] C:\cmdcons
[03/08/2004 - 23:00:04 | A | 261312] C:\cmldr
[22/07/2010 - 13:09:38 | A | 15445] C:\ComboFix.txt
[17/07/2010 - 10:45:28 | D ] C:\Config.Msi
[27/06/2009 - 16:31:06 | A | 0] C:\CONFIG.SYS
[28/06/2009 - 00:06:32 | A | 10] C:\csb.log
[02/01/2010 - 11:53:04 | D ] C:\Documents and Settings
[05/08/2009 - 07:29:59 | D ] C:\Garmin
[23/07/2010 - 07:54:55 | ASH | 2950156288] C:\hiberfil.sys
[28/06/2009 - 00:09:33 | D ] C:\hotkeyp
[27/06/2009 - 16:31:06 | RASH | 0] C:\IO.SYS
[27/06/2009 - 16:31:06 | RASH | 0] C:\MSDOS.SYS
[13/04/2008 - 22:13:04 | RASH | 47564] C:\NTDETECT.COM
[14/04/2008 - 00:01:48 | RASH | 250576] C:\ntldr
[08/11/2009 - 22:24:28 | A | 26263] C:\profiler.txt
[22/07/2010 - 13:01:00 | D ] C:\Program Files
[22/07/2010 - 13:09:43 | D ] C:\Qoobox
[23/07/2010 - 08:59:54 | SHD ] C:\RECYCLER
[22/07/2010 - 11:20:49 | D ] C:\rsit
[23/07/2010 - 07:56:30 | A | 148] C:\service.log
[14/09/2009 - 20:19:54 | SHD ] C:\System Volume Information
[29/11/2009 - 00:14:34 | A | 3] C:\TCPCheckResult.txt
[03/04/2010 - 20:37:48 | D ] C:\totalcmd
[04/09/2009 - 19:12:50 | D ] C:\TRANSLAT
[23/07/2010 - 08:59:54 | D ] C:\UsbFix
[23/07/2010 - 08:59:55 | A | 987] C:\UsbFix.txt
[23/07/2010 - 08:54:00 | D ] C:\WINDOWS
[27/06/2009 - 22:32:30 | D ] E:\+++Hudbaaaaa
[18/04/2010 - 22:57:40 | D ] E:\++Filmyyyyy
[31/05/2010 - 20:31:01 | D ] E:\Auta
[23/07/2010 - 01:07:30 | RASHD ] E:\Autorun.inf
[29/06/2010 - 20:16:57 | D ] E:\CZU škola moje
[30/05/2010 - 14:06:18 | D ] E:\Dejvid II 480x272
[07/07/2010 - 17:31:55 | D ] E:\Fotky
[19/06/2010 - 17:00:20 | D ] E:\HTC
[27/06/2009 - 22:46:23 | D ] E:\INCINERATE
[28/08/2009 - 12:15:23 | AD ] E:\Ja
[27/06/2009 - 22:57:45 | D ] E:\Moje weby
[27/06/2009 - 23:00:11 | D ] E:\Obrazky, Foto, videa
[11/07/2010 - 19:47:45 | D ] E:\Ostatni
[18/07/2010 - 16:27:38 | D ] E:\PETA
[22/12/2009 - 21:47:50 | D ] E:\pouzivane programy
[23/07/2010 - 08:59:54 | SHD ] E:\RECYCLER
[14/02/2010 - 17:14:50 | D ] E:\Soft
[17/04/2010 - 15:23:45 | SHD ] E:\System Volume Information
[19/06/2010 - 17:01:59 | H | 52118] E:\treeinfo.wc
[16/05/2010 - 14:14:37 | D ] E:\Zaloha dat pro system
[05/05/2010 - 23:09:59 | D ] E:\Zamestnani
[22/07/2010 - 19:44:54 | D ] E:\zzzSEM
[18/07/2010 - 21:02:16 | D ] E:\zzzzz filmy skouknout
[07/03/2010 - 12:01:49 | D ] E:\zzzzz porno

################## | Vaccin |

C:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)
E:\Autorun.inf -> Folder created by UsbFix (El Desaparecido & C_XX)

################## | E.O.F |

[audis]

Autoscan: completed 12 minutes ago (events: 20, objects: 414402, time: 01:07:11)
23.7.2010 9:46:08 Task started
23.7.2010 10:00:42 Processing error C:\Documents and Settings\ja\Local Settings\Data aplikací\Microsoft\Outlook\archive.pst Read error
23.7.2010 10:00:42 Processing error C:\Documents and Settings\ja\Local Settings\Data aplikací\Microsoft\Outlook\Outlook.pst Read error
23.7.2010 10:05:18 Detected: Trojan-PSW.Win32.VB.bur C:\Program Files\DsNET Corp\aTube Catcher 1.0\atc_lvr.exe
23.7.2010 10:05:40 Deleted: Trojan-PSW.Win32.VB.bur C:\Program Files\DsNET Corp\aTube Catcher 1.0\atc_lvr.exe
23.7.2010 10:16:14 Detected: Trojan-PSW.Win32.VB.bur C:\System Volume Information\_restore{5CA9883B-333F-4359-87D3-13B37B564E4C}\RP424\A0093428.exe
23.7.2010 10:16:57 Deleted: Trojan-PSW.Win32.VB.bur C:\System Volume Information\_restore{5CA9883B-333F-4359-87D3-13B37B564E4C}\RP424\A0093428.exe
23.7.2010 10:31:38 Detected: Trojan.Win32.Chifrax.d E:\HTC\PPC programy\Garmin 5.x\Garmin Mobile XT for Windows Mobile 5xxx\mapy\Garmin MapSource City Navigator Europe v2008 NT FULL\setup.exe
23.7.2010 10:32:23 Deleted: Trojan.Win32.Chifrax.d E:\HTC\PPC programy\Garmin 5.x\Garmin Mobile XT for Windows Mobile 5xxx\mapy\Garmin MapSource City Navigator Europe v2008 NT FULL\setup.exe
23.7.2010 10:39:43 Detected: Trojan-PSW.Win32.VB.bur E:\Soft\+OUT programy\aTube10264.exe/WiseSFXDropper/WISE0005.BIN/data0005
23.7.2010 10:40:36 Deleted: Trojan-PSW.Win32.VB.bur E:\Soft\+OUT programy\aTube10264.exe
23.7.2010 10:44:05 Detected: Trojan.Win32.Genome.mij E:\Soft\PC Translator 2007\Crack\rg-pt27e.exe
23.7.2010 10:44:16 Deleted: Trojan.Win32.Genome.mij E:\Soft\PC Translator 2007\Crack\rg-pt27e.exe
23.7.2010 10:44:25 Detected: Trojan.Win32.Genome.mij E:\Soft\PC Translator 2007\PC Translator 2007.iso/Seriove ??slo/rg-pt27e.exe
23.7.2010 10:44:25 Untreated: Trojan.Win32.Genome.mij E:\Soft\PC Translator 2007\PC Translator 2007.iso/Seriove ??slo/rg-pt27e.exe Write not supported
23.7.2010 10:49:55 Detected: Exploit.Win32.MS05-016.h E:\zzzSEM\HTC pokusy\tomtom\druhy pokus\EE_7218\KeygenTomTomV7.10\patcher\Patcher.exe
23.7.2010 10:49:56 Detected: Exploit.Win32.MS05-016.h E:\zzzSEM\HTC pokusy\tomtom\druhy pokus\nové mapy Western_and_Central_Europe_2GB_V_815.2096\NEJNOVĚJŠÍ AKTIVÁTOR 24.12.2008\ttsystem_Patcher\Patcher.exe
23.7.2010 10:50:03 Deleted: Exploit.Win32.MS05-016.h E:\zzzSEM\HTC pokusy\tomtom\druhy pokus\EE_7218\KeygenTomTomV7.10\patcher\Patcher.exe
23.7.2010 10:50:03 Deleted: Exploit.Win32.MS05-016.h E:\zzzSEM\HTC pokusy\tomtom\druhy pokus\nové mapy Western_and_Central_Europe_2GB_V_815.2096\NEJNOVĚJŠÍ AKTIVÁTOR 24.12.2008\ttsystem_Patcher\Patcher.exe
23.7.2010 10:53:19 Task completed

[motji]

E je ten flashdisk?

[audis]

flasdisk jsou disky G a H. jak píšu na začátku v minulém příspěvku. je to flaska Sandisk cruiser s nějakým sandistáckým sw, který mě obtěžuje.

C, E hdd v pc,
D, F mechaniky.