Všechno provedeno, tady log z ComboFixu:
ComboFix 08-05-21.3 - Luke 2008-05-26 15:36:01.2 - NTFSx86
Systém Microsoft Windows XP Professional 5.1.2600.2.1250.1.1029.18.1430 [GMT 2:00]
Running from: C:\Documents and Settings\Luke\Plocha\ComboFix.exe
Command switches used :: C:\Documents and Settings\Luke\Plocha\CFScript.txt
* Created a new restore point
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!.
((((((((((((((((((((((((( Files Created from 2008-04-26 to 2008-05-26 )))))))))))))))))))))))))))))))
.
2008-05-24 17:37 . 2008-05-24 17:37 <DIR> d-------- C:\Program Files\Trend Micro
2008-05-23 19:48 . 2008-05-23 19:48 0 --a------ C:\23990098.$$$
2008-05-23 16:58 . 2008-05-23 16:58 <DIR> d-a------ C:\WINDOWS\zts2.exe
2008-05-23 16:58 . 2008-05-23 16:58 <DIR> d-a------ C:\WINDOWS\system32\vcmgcd32.dll
2008-05-23 16:58 . 2008-05-23 16:58 <DIR> d-a------ C:\WINDOWS\system32\iifgfgf.dll
2008-05-23 16:58 . 2008-05-23 16:58 <DIR> d-a------ C:\WINDOWS\rundll16.exe
2008-05-23 16:58 . 2008-05-23 16:58 <DIR> d-a------ C:\WINDOWS\rundl132.dll
2008-05-23 16:58 . 2008-05-23 16:58 <DIR> d-a------ C:\WINDOWS\logo1_.exe
2008-05-23 16:55 . 2008-05-23 16:56 50 --a------ C:\WINDOWS\Lic.xxx
2008-05-23 16:54 . 2004-08-17 14:49 147,968 --a------ C:\WINDOWS\R.COM
2008-05-23 16:54 . 2004-08-17 14:49 137,216 --a------ C:\WINDOWS\system32\T.COM
2008-05-23 11:12 . 2008-05-23 11:12 <DIR> d-------- C:\fsaua.data
2008-05-17 12:15 . 2008-05-17 12:15 <DIR> d-------- C:\Program Files\Clever Age
2008-05-17 12:13 . 2008-05-17 12:13 <DIR> d-------- C:\Program Files\MSECache
2008-05-15 01:31 . 2008-01-07 14:29 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-05-15 01:17 . 2008-05-15 01:17 <DIR> d-------- C:\Program Files\ESET
2008-05-15 01:17 . 2008-05-15 01:17 <DIR> d-------- C:\Documents and Settings\All Users\Data aplikací\ESET
2008-05-04 12:34 . 2008-04-13 11:21 17,920 --a------ C:\WINDOWS\system32\Ntaccess.sys
2008-05-04 12:34 . 2004-07-23 16:09 13,368 --a------ C:\WINDOWS\system32\FlashVxd.vxd
2008-05-04 12:34 . 2007-12-14 09:21 9,216 --a------ C:\WINDOWS\system32\drivers\FlashSys.sys
2008-04-29 01:24 . 2008-04-29 01:24 <DIR> d-------- C:\Program Files\Safari
2008-04-28 22:15 . 2008-04-28 22:15 <DIR> d-------- C:\Program Files\Apple Software Update
2008-04-28 02:18 . 2008-04-28 02:18 <DIR> d-------- C:\Program Files\Notebook Hardware Control
2008-04-28 02:18 . 2008-05-26 08:09 12,288 --a------ C:\WINDOWS\system32\drivers\nhcDriver.sys
2008-04-27 23:59 . 2008-04-27 23:59 <DIR> d-------- C:\Program Files\Common Files\Borland Shared
2008-04-27 23:59 . 1999-01-20 05:01 210,032 --a------ C:\WINDOWS\system32\DBCLIENT.DLL
2008-04-27 23:59 . 1999-11-12 05:11 183,808 --a------ C:\WINDOWS\system32\BDEADMIN.CPL
2008-04-27 23:58 . 2008-04-27 23:58 <DIR> d-------- C:\Program Files\Louisa 3
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-26 13:34 --------- d-----w C:\Program Files\BOINC
2008-05-26 06:29 83,228 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-05-21 16:51 --------- d-----w C:\Documents and Settings\Luke\Data aplikací\gtk-2.0
2008-05-18 21:32 56,408 ----a-w C:\Documents and Settings\Luke\Data aplikací\GDIPFONTCACHEV1.DAT
2008-05-09 13:38 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\LightScribe
2008-05-04 10:34 --------- d-----w C:\Program Files\MSI
2008-05-04 10:31 --------- d-----w C:\Program Files\Setup Files
2008-05-03 21:50 --------- d-----w C:\Program Files\Common Files\Autodesk Shared
2008-05-01 12:29 --------- d-----w C:\Documents and Settings\Luke\Data aplikací\Abvent_Artlantis2
2008-04-28 23:30 --------- d-----w C:\Documents and Settings\Luke\Data aplikací\Apple Computer
2008-04-27 08:58 --------- d-----w C:\Program Files\Java
2008-04-25 13:03 --------- d-----w C:\Program Files\QuickTime
2008-04-25 11:56 --------- d-----w C:\Documents and Settings\Luke\Data aplikací\Abvent
2008-04-25 10:37 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Abvent
2008-04-22 20:54 --------- d-----w C:\Documents and Settings\Luke\Data aplikací\Autodesk
2008-04-16 21:04 --------- d-----w C:\Documents and Settings\Luke\Data aplikací\ICQ
2008-04-16 21:03 --------- d-----w C:\Program Files\ICQ6
2008-04-12 15:50 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\Autodesk
2008-04-12 10:33 --------- d-----w C:\Program Files\Common Files\McNeel Shared
2008-04-12 10:33 --------- d-----w C:\Documents and Settings\All Users\Data aplikací\McNeel
2008-04-07 09:47 883,130 ----a-w C:\WINDOWS\Bier Tycoon Uninstaller.exe
2008-04-07 08:43 --------- d-----w C:\Program Files\Common Files\Thraex Software
2008-04-07 08:41 271,360 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2008-04-06 21:20 --------- d-----w C:\Program Files\All Media Fixer
2008-04-06 20:21 --------- d-----w C:\Program Files\ASF-AVI-RM-WMV Repair
2008-04-03 20:10 --------- d-----w C:\Program Files\ZAV1
2008-03-20 08:01 1,845,888 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 13:02 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2007-11-15 17:49 32 ----a-w C:\Documents and Settings\All Users\Data aplikací\ezsid.dat
.
((((((((((((((((((((((((((((( snapshot@2008-05-24_20.25.53,75 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-24 15:33:47 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-26 06:08:19 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-25 09:11:57 295,606 ----a-r C:\WINDOWS\Installer\{AC76BA86-7AD7-5464-3428-800000000003}\ARPPRODUCTICON.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-17 14:49 15360]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:21 1694208]
"OEXPRESS"="C:\WINDOWS\OETRN.EXE" [2008-02-19 17:35 26624]
"ICQ"="C:\Program Files\ICQ6\ICQ.exe" [2008-04-01 12:40 172280]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-17 03:36 8437760]
"nwiz"="nwiz.exe" [2007-04-17 03:36 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="NvMCTray.dll" [2007-04-17 03:36 81920 C:\WINDOWS\system32\nvmctray.dll]
"RTHDCPL"="RTHDCPL.EXE" [2007-11-02 23:56 16380416 C:\WINDOWS\RTHDCPL.exe]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2005-11-09 00:00 128920]
"PCMService"="C:\Program Files\ASUS\Mobile Theater\PCMService.exe" [2006-02-15 21:25 147456]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 14:11 267048]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-17 16:49 110592 C:\WINDOWS\system32\bthprops.cpl]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-06-01 11:51 823296]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-06-01 11:49 974848]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-26 13:12 161328]
"FinePrint Dispatcher v5"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" [2004-08-11 15:09 442368]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 14:06 40048]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
"NotebookHardwareControl"="C:\Program Files\Notebook Hardware Control\nhc.exe" [2006-09-01 19:40 2228224]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2008-03-14 11:41 498176]
"NvGraphicsInterface"="c:\blok.exe" [ ]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 08:21 1443072]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-17 14:49 15360]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"nltide3"="cmd.exe" [2004-08-17 14:49 389632 C:\WINDOWS\system32\cmd.exe]
C:\Documents and Settings\All Users\Nabˇdka Start\Programy\Po spuçtŘnˇ\
BOINC Manager.lnk - C:\Program Files\BOINC\boincmgr.exe [2007-10-29 17:16:14 4145920]
Microsoft Office.lnk - E:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 12:01:04 83360]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.DIV3"= DivXc32.dll
"vidc.DIV4"= DivXc32f.dll
"msacm.divxa32"= divxa32.acm
"VIDC.HFYU"= huffyuv.dll
"msacm.avis"= ff_acm.acm
"vidc.i263"= i263_32.drv
"vidc.i420"= i263_32.drv
"msacm.imc"= imc32.acm
"vidc.3iv2"= 3ivxVfWCodec.dll
"VIDC.VP31"= vp31vfw.dll
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"E:\\Games\\NCSoft\\Launcher\\NCLauncher.exe"=
"E:\\Games\\NCSoft\\Tabula Rasa\\tabula_rasa.exe"=
"C:\\Program Files\\Sunbelt Software\\Personal Firewall\\kpf4gui.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\ASUS\\Mobile Theater\\PowerCinema.exe"=
"C:\\Program Files\\ASUS\\Mobile Theater\\PCMService.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\ICQ6\\ICQ.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"E:\\Games\\Flagship Studios\\Hellgate London\\Launcher.exe"=
R0 Si3531;SiI-3531 SATA Controller;C:\WINDOWS\system32\DRIVERS\Si3531.sys [2007-01-30 18:31]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 08:21]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 11:21]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 11:21]
R2 HWiNFO32;HWiNFO32 Kernel Driver;C:\Program Files\HWiNFO32\HWiNFO32.SYS [2007-09-14 14:15]
R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 11:21]
R3 PSched;Plánovač paketů technologie QoS;C:\WINDOWS\system32\DRIVERS\psched.sys [2004-08-03 22:04]
S3 F-Secure Standalone Minifilter;F-Secure Standalone Minifilter;C:\DOCUME~1\Luke\LOCALS~1\Temp\OnlineScanner\Anti-Virus\fsgk.sys []
S3 SE30bus;Sony Ericsson Device 048 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE30bus.sys [2006-11-10 10:48]
S3 TVICHW32;TVICHW32;C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS [2007-11-02 19:46]
S3 USB28xxBGA;USB 2800 Device;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2007-08-31 18:33]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2007-08-31 15:14]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{826168e3-e48b-11dc-ba9c-008048edb3fe}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
\Shell\Open(0)\command - Recycled\ctfmon.exe
.
Contents of the 'Scheduled Tasks' folder
"2008-04-28 20:15:14 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer,
http://www.gmer.netRootkit scan 2008-05-26 15:40:17
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2008-05-26 15:42:05
ComboFix-quarantined-files.txt 2008-05-26 13:41:59
ComboFix2.txt 2008-05-24 18:26:47
Adresářů: 18, Volných bajtů: 4,316,975,104
Adresářů: 20, Volných bajtů: 4,335,927,296
174 --- E O F --- 2008-05-15 21:49:59
a tady je log z HJT:Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:46:48, on 26.5.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLCapSvc.exe
C:\Program Files\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\Mobile Theater\PCMService.exe
C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLSched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\OETRN.EXE
C:\Program Files\ICQ6\ICQ.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://tw.msi.com.tw/autobios/VerChk/LS ... n=LMonitorR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\WINDOWS\WebIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\WINDOWS\WebIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\ASUS\Mobile Theater\PCMService.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [FinePrint Dispatcher v5] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [NvGraphicsInterface] c:\blok.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [OEXPRESS] C:\WINDOWS\OETRN.EXE
O4 - HKCU\..\Run: [ICQ] "C:\Program Files\ICQ6\ICQ.exe" silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide3] cmd.exe /C rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: BOINC Manager.lnk = C:\Program Files\BOINC\boincmgr.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Add to &Teleport - C:\PROGRA~1\TELEPO~1\teleport.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel -
res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: WebTran - {7E6A20FB-153F-402c-A84B-1A64E1955D3D} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: &Slovník - {CC963627-B1DC-40E0-B52A-CF21EE748450} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &označený text - {CC963627-B1DC-40E0-B52A-CF21EE748451} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra 'Tools' menuitem: Přeložit &stránku - {CC963627-B1DC-40E0-B52A-CF21EE748452} - C:\WINDOWS\WebIE.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -
http://www.nvidia.com/content/DriverDow ... eqlab2.cabO16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) -
http://liveupdate.msi.com.tw/autobios/L ... nstall.cabO16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) -
http://support.f-secure.com/ols/fscax.cabO16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) -
http://driveragent.com/files/driveragent.cabO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\ASUS\Mobile Theater\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\ASUS\Mobile Theater\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
--
End of file - 11629 bytes
), Core 2 duo 2.2GHz (2.6 GHz), 2 GB RAM, NVIDIA GeForce M 8600 GT 512 MB
fix.reg 
, kdyby byl nějaký problém tak dej vědět.