PC-HELP.CZ

Log z Combofix:

ComboFix 09-12-09.04 - uživatel 10.12.2009 22:25:19.2.1 - x86
Microsoft Windows XP Home Edition 5.1.2600.2.1250.420.1029.18.2046.1535 [GMT 1:00]
Spuštěný z: c:\documents and settings\uživatel\Plocha\ComboFix.exe
AV: ESET Smart Security 4.0 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: ActiveArmor Firewall *enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D}
FW: ESET personal firewall *enabled* {E5E70D32-0101-4340-86A3-A7B0F1C8FFE0}
.

((((((((((((((((((((((((((((((((((((((( Ostatní výmazy )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\u§ivatel\Dokumenty\zaloha registr… - cc_20091210_211016.reg
c:\windows\TEMP\NOD26.tmp

.
((((((((((((((((((((((((( Soubory vytvořené od 2009-11-10 do 2009-12-10 )))))))))))))))))))))))))))))))
.

2009-12-10 20:42 . 2009-12-03 15:14 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-12-10 20:42 . 2009-12-03 15:13 19160 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-12-10 20:42 . 2009-12-10 20:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-12-10 20:24 . 2009-12-10 20:25 -------- d-----w- c:\program files\ATnotes
2009-12-10 20:16 . 2009-12-10 20:16 -------- d--h--w- c:\documents and settings\Administrator\Šablony
2009-12-10 20:07 . 2009-12-10 20:07 -------- d-----w- c:\program files\CCleaner
2009-12-07 14:20 . 2009-12-07 14:20 -------- d-----w- c:\windows\system32\LogFiles
2009-12-07 14:20 . 2009-01-05 13:54 81920 ----a-w- c:\windows\system32\ZDPN50.DLL
2009-12-07 14:20 . 2009-01-05 13:54 20608 ----a-w- c:\windows\system32\drivers\BRGSp50.sys
2009-12-07 14:20 . 2009-01-05 13:54 17664 ----a-w- c:\windows\system32\drivers\ZDPSp50.sys
2009-12-07 14:20 . 2009-01-05 13:54 17151 ----a-w- c:\windows\system32\ZDPNDIS5.SYS
2009-12-07 14:20 . 2009-01-05 13:54 31744 ----a-w- c:\windows\system32\drivers\ZDPSp50a64.sys
2009-12-07 14:20 . 2009-01-05 13:54 29184 ----a-w- c:\windows\system32\drivers\BRGSp50a64.sys
2009-12-07 14:20 . 2009-01-05 13:54 24576 ----a-w- c:\windows\system32\ZyDelReg.exe
2009-12-07 14:20 . 2009-01-05 13:54 28672 ----a-w- c:\windows\system32\InsDrvZD.dll
2009-12-07 14:20 . 2009-01-05 13:54 15872 ----a-w- c:\windows\system32\InsDrvZD64.DLL
2009-12-07 14:20 . 2009-12-07 14:20 -------- d-----w- c:\program files\TP-LINK
2009-11-30 19:07 . 2009-01-05 13:54 500736 ----a-w- c:\windows\system32\drivers\ZD1211BU.sys
2009-11-16 08:06 . 2009-11-16 08:06 55768 ----a-w- c:\windows\system32\drivers\epfwtdi.sys
2009-11-16 08:06 . 2009-11-16 08:06 135048 ----a-w- c:\windows\system32\drivers\epfw.sys
2009-11-16 08:03 . 2009-11-16 08:03 108792 ----a-w- c:\windows\system32\drivers\ehdrv.sys
2009-11-16 07:56 . 2009-11-16 07:56 116520 ----a-w- c:\windows\system32\drivers\eamon.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M výpis ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-12-07 14:20 . 2007-12-14 11:48 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-12-04 05:08 . 2008-01-31 13:15 -------- d-----w- c:\program files\Common Files\Adobe
2009-11-24 11:57 . 2006-03-02 12:00 46016 ----a-w- c:\windows\system32\perfc005.dat
2009-11-24 11:57 . 2006-03-02 12:00 309716 ----a-w- c:\windows\system32\perfh005.dat
.

(((((((((((((((((((((((((((((((((( Spouštěcí body v registru )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Poznámka* prázdné záznamy a legitimní výchozí údaje nejsou zobrazeny.
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATnotes.exe"="c:\program files\ATnotes\ATnotes.exe" [2005-01-05 1015808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"egui"="c:\program files\ESET\ESET Smart Security\egui.exe" [2009-11-16 2054360]
"ZDWlan.EXE"="c:\program files\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE" [2009-01-14 491520]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2006-03-02 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ajr42.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Bjr87.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Bkr42.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Cks32.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Cls75.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Dmk86.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Emt75.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Fnv65.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Fow64.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Gow75.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Gpx07.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Hqy10.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Hqy53.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Iry31.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Jra43.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Jsa54.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Jsa76.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ktc20.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Luc54.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Owf54.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Owf86.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Qah43.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Qyg86.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Tdk64.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Xho31.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
c:\windows\system32\dumprep 0 -u [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-01-11 21:16 39792 ----a-w- c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
2006-12-23 17:05 143360 ----a-w- c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2004-10-13 16:24 1694208 ------w- c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2006-01-12 14:40 155648 ----a-w- c:\program files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nTrayFw]
2006-02-17 09:40 270336 ----a-w- c:\program files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
2006-08-11 13:43 7630848 ----a-w- c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
2006-08-11 13:43 86016 ----a-w- c:\windows\system32\nvmctray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
2006-08-11 13:43 1519616 ----a-w- c:\windows\system32\nwiz.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\NVIDIA Corporation\\NetworkAccessManager\\Apache Group\\Apache2\\bin\\Apache.exe"=

R0 Ktc20;Ktc20;c:\windows\system32\drivers\Ktc20.sys [29.4.2008 8:12 27136]
R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [16.11.2009 9:03 108792]
R2 ekrn;ESET Service;c:\program files\Eset\ESET Smart Security\ekrn.exe [16.11.2009 9:04 735960]
S0 Ajr42;Ajr42;c:\windows\system32\Drivers\Ajr42.sys --> c:\windows\system32\Drivers\Ajr42.sys [?]
S0 Bjr87;Bjr87;c:\windows\system32\Drivers\Bjr87.sys --> c:\windows\system32\Drivers\Bjr87.sys [?]
S0 Bkr42;Bkr42;c:\windows\system32\Drivers\Bkr42.sys --> c:\windows\system32\Drivers\Bkr42.sys [?]
S0 Cks32;Cks32;c:\windows\system32\Drivers\Cks32.sys --> c:\windows\system32\Drivers\Cks32.sys [?]
S0 Cls75;Cls75;c:\windows\system32\Drivers\Cls75.sys --> c:\windows\system32\Drivers\Cls75.sys [?]
S0 Dmk86;Dmk86;c:\windows\system32\Drivers\Dmk86.sys --> c:\windows\system32\Drivers\Dmk86.sys [?]
S0 Emt75;Emt75;c:\windows\system32\Drivers\Emt75.sys --> c:\windows\system32\Drivers\Emt75.sys [?]
S0 Fnv65;Fnv65;c:\windows\system32\Drivers\Fnv65.sys --> c:\windows\system32\Drivers\Fnv65.sys [?]
S0 Fow64;Fow64;c:\windows\system32\Drivers\Fow64.sys --> c:\windows\system32\Drivers\Fow64.sys [?]
S0 Gow75;Gow75;c:\windows\system32\Drivers\Gow75.sys --> c:\windows\system32\Drivers\Gow75.sys [?]
S0 Gpx07;Gpx07;c:\windows\system32\Drivers\Gpx07.sys --> c:\windows\system32\Drivers\Gpx07.sys [?]
S0 Hqy10;Hqy10;c:\windows\system32\Drivers\Hqy10.sys --> c:\windows\system32\Drivers\Hqy10.sys [?]
S0 Hqy53;Hqy53;c:\windows\system32\Drivers\Hqy53.sys --> c:\windows\system32\Drivers\Hqy53.sys [?]
S0 Iry31;Iry31;c:\windows\system32\Drivers\Iry31.sys --> c:\windows\system32\Drivers\Iry31.sys [?]
S0 Jra43;Jra43;c:\windows\system32\Drivers\Jra43.sys --> c:\windows\system32\Drivers\Jra43.sys [?]
S0 Jsa54;Jsa54;c:\windows\system32\Drivers\Jsa54.sys --> c:\windows\system32\Drivers\Jsa54.sys [?]
S0 Jsa76;Jsa76;c:\windows\system32\Drivers\Jsa76.sys --> c:\windows\system32\Drivers\Jsa76.sys [?]
S0 Luc54;Luc54;c:\windows\system32\Drivers\Luc54.sys --> c:\windows\system32\Drivers\Luc54.sys [?]
S0 Owf54;Owf54;c:\windows\system32\Drivers\Owf54.sys --> c:\windows\system32\Drivers\Owf54.sys [?]
S0 Owf86;Owf86;c:\windows\system32\Drivers\Owf86.sys --> c:\windows\system32\Drivers\Owf86.sys [?]
S0 Qah43;Qah43;c:\windows\system32\Drivers\Qah43.sys --> c:\windows\system32\Drivers\Qah43.sys [?]
S0 Qyg86;Qyg86;c:\windows\system32\Drivers\Qyg86.sys --> c:\windows\system32\Drivers\Qyg86.sys [?]
S0 Tdk64;Tdk64;c:\windows\system32\Drivers\Tdk64.sys --> c:\windows\system32\Drivers\Tdk64.sys [?]
S0 Xho31;Xho31;c:\windows\system32\Drivers\Xho31.sys --> c:\windows\system32\Drivers\Xho31.sys [?]
S3 Axtmvflt;Axesstel USB Filter Service;c:\windows\system32\drivers\Axtmvflt.sys [8.1.2009 19:25 3456]
S3 Axtmvmdm;Axesstel USB Modem;c:\windows\system32\drivers\Axtmvmdm.sys [8.1.2009 19:25 40064]
S3 Axtmvprt;Axesstel Diagnostic Port;c:\windows\system32\drivers\Axtmvprt.sys [8.1.2009 22:42 38784]
S3 Dmt54;Dmt54;c:\windows\system32\drivers\Dmt54.sys [18.4.2008 8:04 0]
S3 Fov43;Fov43;c:\windows\system32\drivers\Fov43.sys [23.4.2008 8:10 0]
S3 Iry08;Iry08;c:\windows\system32\drivers\Iry08.sys [21.4.2008 8:51 0]
S3 Scj53;Scj53;c:\windows\system32\drivers\Scj53.sys [24.4.2008 8:16 0]
S3 Vfm65;Vfm65;c:\windows\system32\drivers\Vfm65.sys [21.4.2008 8:09 0]
S3 ZD1211BU(TP-LINK);TP-LINK Wireless USB Adapter Driver(TP-LINK);c:\windows\system32\drivers\ZD1211BU.sys [30.11.2009 20:07 500736]
.
------- Doplňkový sken -------
.
uStart Page = hxxp://www.centrum.cz/
LSP: %SYSTEMROOT%\system32\nvappfilter.dll
FF - ProfilePath - c:\documents and settings\uživatel\Data aplikací\Mozilla\Firefox\Profiles\1buikhuh.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.seznam.cz/

---- NASTAVENÍ FIREFOXU ----
c:\program files\Mozilla Firefox\defaults\pref\firefox-l10n.js - pref("browser.fixup.alternate.suffix", ".cz");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-10 22:27
Windows 5.1.2600 Service Pack 2 NTFS

skenování skrytých procesů ...

skenování skrytých položek 'Po spuštění' ...

skenování skrytých souborů ...

sken byl úspešně dokončen
skryté soubory: 0

**************************************************************************
.
--------------------- Knihovny navázané na běžící procesy ---------------------

- - - - - - - > 'winlogon.exe'(564)
c:\windows\system32\WinNt32.dll
c:\windows\system32\nvappfilter.dll

- - - - - - - > 'lsass.exe'(620)
c:\windows\system32\nvappfilter.dll
.
Celkový čas: 2009-12-10 22:28:53
ComboFix-quarantined-files.txt 2009-12-10 21:28
ComboFix2.txt 2009-12-10 21:17

Před spuštěním: Volných bajtů: 237 173 014 528
Po spuštění: Volných bajtů: 237 166 743 552

- - End Of File - - F6CDD7AB3FC3C145A3CD2440779D5042

S důvěrou se obrať k tomu, co ti poradil Combofix

No tak to sis dobře zavařil Wigon je ted nejrozšířenější a nadělá kotel neplechy.

Ehm...
@Wik: http://viry.cz/forum/viewtopic.php?f=13&t=94752
Pokial to mienis riesit kade-tade, taxa daleko nedostanes a zbytocne nutis ludi robit tu istu robotu 2x...

@fNxXx: Neviem z kade mas statistiku, ale Wigon bol "in"pred par mesiacmi a nie teraz - tento pripad je skor vynimka...

Tak jak si se rozholdl? Kde to budeš řešit?

Zde je teda log z hijack this:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:16:18, on 12.12.2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\ATnotes\ATnotes.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\uživatel\Plocha\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.centrum.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: Podpora odkazu pro Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ZDWlan.EXE] "C:\Program Files\TP-LINK\TP-LINK Wireless Client Utility\ZDWlan.EXE"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [MRT] "C:\WINDOWS\system32\MRT.exe" /R
O4 - HKCU\..\Run: [ATnotes.exe] C:\Program Files\ATnotes\ATnotes.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 5197 bytes

A co říká ten, co ti poradil ComboFix?

Jináč tam máš pěkný stádo šmejdů.

NOD je cracklej?

Nikdo mi combofix neporadil, viml jsem si, že jeho logy se tady objevují, tak jsem ho sem hodil taky.
ESET mám zakoupený

Tak sis určitě přečetl i varování před jeho spuštěním?

No něco jsem si přečetl,proč?

Tak vidím, že se tady asi pomoci nedočkám.

Protože tam je psáno:

Pokud Combofixu nerozumíte, NESPOUŠTĚJTE HO. Combofix používejte POUZE pod dohledem zkušeného uživatele ComboFixu.

Tohle je to málo co sis měl přečíst.
Takže, pokud já předpokládám a zcela správně, že ComboFixu rozumíš, dívím se, že si pohoršen, de facto svým chováním.

Jaký byl stav před použitím ComboFixu? (Hlavně mi sem nestrkej log z MWAV)

PC-HELP.CZ

Prosím o pomoc - mám vira wigon

Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon

Re: Prosím o pomoc - mám vira wigon