VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Blokovaný internet kvůli rozesílání spamu

https://forum.viry.cz:443/viewtopic.php?t=121890

Stránka 1 z 1

Blokovaný internet kvůli rozesílání spamu

Napsal: 24 kvě 2012 17:58
od VaVa-CZ
Dobrý den, včera ve večerních hodinách mi provider (Netbox) zablokoval internet kvůli rozesílání spamu.
____
Omezení služeb: Automatická blokace kvůli odesílání spamu.
Omezeno od: 23. 5. 2012 20:21
Další informace: SPAM,VIRUS; 2012-05-23 19:55 - 20:18, rozeslano zprav se spamem: 105, pocet smtp serveru: 101, pouzito ruznych odchozich emailovych adres: 1
____
Jediné co funguje je Skype a pár stránek(živě.cz, kaspersky.cz, slunečnice.cz, czshare.com). Z tohoto důvodu sem nedávám log z RSIT, ale pouze z ComboFixu a DDS, ty jedine v pc mám. Jediná možnost jak do PC něco dostat je poslat to přez skype...
Počítač jsem nechal oskenovat pomocí Kaspersky IS 2012 - aktualizováno včera a pomocí MBAM - oba programy nějakou havěť našly a smazaly...
Log z combofixu:
http://czshare.com/2952201/ComboFix.txt



Log z DDS:
.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_24
Run by VaVa at 16:11:31 on 2012-05-24
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.420.1029.18.6143.3924 [GMT 2:00]
.
AV: Kaspersky Internet Security *Disabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Disabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Disabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe
C:\Windows\SysWOW64\astsrv.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Programy\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\I-O DATA\IoDevMgrService\IoDevMgrService.exe
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneService.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
C:\Program Files (x86)\NVIDIA Corporation\System Update\UpdateCenterService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\AI Suite\EnergySaving\PwSave.exe
C:\Program Files (x86)\ASUS\AASP\1.01.05\aaCenter.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
C:\Programy\PC Remote\PC Remote\PCRemote.exe
C:\Programy\Aura beta 3\Aura.exe
C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe
C:\Program Files (x86)\DAEMON Tools\daemon.exe
C:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe
C:\Program Files (x86)\GIGABYTE\GHOST(6980)\GHOSTOPEN.exe
C:\Program Files (x86)\GIGABYTE\GHOST(6980)\Tilt.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Programy\AID64 Extreme Edition 1.60.1300\AIDA64 Extreme Edition 1.60.1300 Final\aida64.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\SysWOW64\ipconfig.exe
C:\Windows\system32\conhost.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Programy\Skype\Phone\Skype.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\vssvc.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
BHO: Pomocník pro přihlášení ke službě Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [PC Remote Server] C:\Programy\PC Remote\PC Remote\PCRemote.exe /silent
mRun: [Ai Nap] "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe"
mRun: [CPU Power Monitor] "C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"
mRun: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
mRun: [LogMeIn Hamachi Ui] "C:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun: [ghost] C:\Program Files (x86)\GIGABYTE\GHOST(6980)\ghostopen.exe
mRun: [Tilt] C:\Program Files (x86)\GIGABYTE\GHOST(6980)\Tilt.exe
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\VaVa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AURAZS~1.LNK - C:\Programy\Aura beta 3\Aura.exe
StartupFolder: C:\Users\VaVa\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SYSTEM~1\EVERNO~1.LNK - C:\Programy\Evernote\Evernote\EvernoteClipper.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Evernote 4.0 - C:\Programy\Evernote\Evernote\EvernoteIE.dll/204
IE: E&xportovat do aplikace Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Od&eslat do aplikace OneNote - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Převést cíl vazby do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Převést do Adobe PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
IE: Přidat do Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
IE: Připojit cíl vazby k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Připojit k existujícímu PDF - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Programy\Evernote\Evernote\EvernoteIE.dll/204
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/ms ... b56986.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/Me ... b56907.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinsta ... s-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 83.240.0.214 83.240.0.136
TCP: Interfaces\{A1D1787F-05D8-43A5-9496-C688C96AD8B5} : DhcpNameServer = 83.240.0.214 83.240.0.136
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: asp - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll
Handler: ezstor - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll
Handler: hsp - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\ProgramData\Skype\Plugins\Plugins\D32D9ABFBE354AC8A84F07C309C1E3AF\Skype4COM.dll
Handler: x-asp - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll
Handler: x-cnote - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll
Handler: x-hsp - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll
Handler: x-mem1 - {C3719F83-7EF8-4BA0-89B0-3360C7AFB7CC} - C:\Program Files (x86)\Common Files\EzTools\wowctl2.dll
Handler: x-zip - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll
Handler: zip - {8D32BA61-D15B-11d4-894B-000000000000} - C:\Program Files (x86)\Common Files\EzTools\hsppp.dll
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\SysWow64\DreamScene.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
SecurityProviders: credssp.dll, IzmuwfiLmodf.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AE7CD045-E861-484f-8273-0445EE161910}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{DBC80044-A445-435b-BC74-9C25C1C588A9}
{E33CF602-D945-461A-83F0-819F76A199F8}
{F4971EE7-DAA0-4053-9964-665D8EE6A077}
{D4027C7F-154A-4066-A1AD-4243D8127440}
{47833539-D0C5-4125-9FA8-0819E2EAAC93}
mRun-x64: [Ai Nap REG_SZ "C:\Program Files (x86)\ASUS\AI Suite\AiNap\AiNap.exe" ]
mRun-x64: [CPU Power Monitor] "C:\Program Files (x86)\ASUS\AI Suite\AiGear3\CpuPowerMonitor.exe"
mRun-x64: [Cpu Level Up help] "C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe"
mRun-x64: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun-x64: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033
mRun-x64: [LogMeIn Hamachi Ui] "C:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
mRun-x64: [ghost] C:\Program Files (x86)\GIGABYTE\GHOST(6980)\ghostopen.exe
mRun-x64: [Tilt] C:\Program Files (x86)\GIGABYTE\GHOST(6980)\Tilt.exe
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
IE-X64: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - res://C:\Programy\Evernote\Evernote\EvernoteIE.dll/204
STS-X64: {E31004D1-A431-41B8-826F-E902F9D95C81}: Windows DreamScene
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\VaVa\AppData\Roaming\Mozilla\Firefox\Profiles\7dkcled3.default\
FF - prefs.js: browser.startup.homepage - hxxp://google.cz
FF - prefs.js: keyword.URL - hxxp://www.google.com/search?hl=en&btnI ... g+Lucky&q=
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.0.61118.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Programy\Mozilla Firefox\plugins\npdeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.proxy.type - 0
FF - user.js: network.proxy.http -
user_pref(network.proxy.http_port,);
FF - user.js: network.proxy.no_proxies_on -
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: network.http.pipelining - true
FF - user.js: network.http.proxy.pipelining - true
FF - user.js: network.http.pipelining.ssl - true
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: browser.urlbar.autoFill - true
.
============= SERVICES / DRIVERS ===============
.
R0 DSFKSVCS;Kernel Services for DSF;C:\Windows\system32\DRIVERS\dsfksvcs.sys C:\Windows\system32\DRIVERS\dsfksvcs.sys [?]
R0 dsfroot;root enumerated bus driver;C:\Windows\system32\DRIVERS\dsfroot.sys C:\Windows\system32\DRIVERS\dsfroot.sys [?]
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\system32\DRIVERS\NBVol.sys C:\Windows\system32\DRIVERS\NBVol.sys [?]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\system32\DRIVERS\NBVolUp.sys C:\Windows\system32\DRIVERS\NBVolUp.sys [?]
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys C:\Windows\system32\DRIVERS\klim6.sys [?]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe C:\Windows\system32\atiesrxx.exe [?]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.13\aaHMSvc.exe [2011-4-8 915584]
R2 AVP;Služba Kaspersky Anti-Virus;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 202296]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Programy\LogMeIn Hamachi\hamachi-2.exe [2012-2-28 2343816]
R2 IoDevMgrService;I-O DATA Device Management Service;C:\Program Files (x86)\I-O DATA\IoDevMgrService\IoDevMgrService.exe [2009-9-23 140744]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-5-24 654408]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2011-9-23 641832]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-15 381248]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2010-10-27 1974080]
R3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;C:\Programy\AID64 Extreme Edition 1.60.1300\AIDA64 Extreme Edition 1.60.1300 Final\kerneld.x64 [2011-4-2 27296]
R3 HRMCFGSPC;DSF General Configuration Space Redirection Module;C:\Windows\system32\DRIVERS\HRMCFGSPC.SYS C:\Windows\system32\DRIVERS\HRMCFGSPC.SYS [?]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys C:\Windows\system32\drivers\mbam.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys C:\Windows\system32\drivers\nvhda64v.sys [?]
R3 nvoclk64;NVIDIA Enthusiasts Platform KDM;C:\Windows\system32\DRIVERS\nvoclk64.sys C:\Windows\system32\DRIVERS\nvoclk64.sys [?]
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 softehci;Microsoft USB 2.0 Enhanced Host Controller Interface (EHCI) Simulator Driver";C:\Windows\system32\DRIVERS\softehci.sys C:\Windows\system32\DRIVERS\softehci.sys [?]
R3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\system32\DRIVERS\teamviewervpn.sys C:\Windows\system32\DRIVERS\teamviewervpn.sys [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2010-10-7 11856]
R3 usbehci_dsf;Microsoft DSF-enabled USB 2.0 Enhanced Host Controller Interface (EHCI) Miniport Driver;C:\Windows\system32\DRIVERS\usbehci_dsf.sys C:\Windows\system32\DRIVERS\usbehci_dsf.sys [?]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Služba Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-28 136176]
S2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-4-23 2253120]
S2 SkypeUpdate;Skype Updater;C:\Programy\Skype\Updater\Updater.exe [2012-2-29 158856]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-5-5 257696]
S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys C:\Windows\system32\DRIVERS\atikmdag.sys [?]
S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys C:\Windows\system32\DRIVERS\atikmpag.sys [?]
S3 CoordinatorServiceHost;SW Distributed TS Coordinator Service;C:\Programy\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe [2011-1-8 87336]
S3 EverestDriver;Lavalys EVEREST Kernel Driver;C:\Programy\PortableAppZ\EverestPortable\App\EverestUltimate\kerneld.amd64 [2009-5-25 25216]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2009-10-9 1431888]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe [2011-7-11 130976]
S3 gupdatem;Služba Google Update (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2010-5-28 136176]
S3 HRMINTS;DSF Interrupt Redirection Module;C:\Windows\system32\DRIVERS\HRMINTS.SYS C:\Windows\system32\DRIVERS\HRMINTS.SYS [?]
S3 HRMPORTS;DSF IO Port Redirection Module;C:\Windows\system32\DRIVERS\HRMPORTS.SYS C:\Windows\system32\DRIVERS\HRMPORTS.SYS [?]
S3 IOMap;IOMap;\??\C:\Windows\system32\drivers\IOMap64.sys C:\Windows\system32\drivers\IOMap64.sys [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 51456888]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-5 112584]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 PsShutdownSvc;PsShutdown;C:\Windows\PSSDNSVC.EXE [2010-5-8 87616]
S3 ScreamBAudioSvc;ScreamBee Audio;C:\Windows\system32\drivers\ScreamingBAudio64.sys C:\Windows\system32\drivers\ScreamingBAudio64.sys [?]
S3 SOFTHIDUSBK;USB HID Layer;C:\Windows\system32\DRIVERS\SOFTHIDUSBK.SYS C:\Windows\system32\DRIVERS\SOFTHIDUSBK.SYS [?]
S3 SOFTUSBK;Generic USB device;C:\Windows\system32\DRIVERS\SOFTUSBK.SYS C:\Windows\system32\DRIVERS\SOFTUSBK.SYS [?]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 VCSVADHWSer;Avnex Virtual Audio Device (WDM);C:\Windows\system32\DRIVERS\vcsvad.sys C:\Windows\system32\DRIVERS\vcsvad.sys [?]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Programy\RealTemp_358_2\WinRing0x64.sys [2010-5-8 14544]
S3 WMZuneComm;Zune Windows Mobile Connectivity Service;C:\Program Files\Zune\WMZuneComm.exe [2011-8-5 306400]
S4 TeamViewer4;TeamViewer 4;C:\Program Files (x86)\TeamViewer\Version4\TeamViewer_Service.exe [2009-10-7 185640]
S4 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2010-12-7 2228008]
.
=============== Created Last 30 ================
.
2012-05-24 13:58:19 -------- d-----w- C:\Users\VaVa\AppData\Roaming\wargaming.net
2012-05-24 12:54:34 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DCD0A8CB-7416-4F92-A4C5-F436B5DDB6BE}\offreg.dll
2012-05-24 12:07:49 -------- d-sh--w- C:\$RECYCLE.BIN
2012-05-24 07:06:22 -------- d-----w- C:\ComboFix
2012-05-24 04:34:27 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2012-05-23 18:10:16 -------- d-----w- C:\SDFix
2012-05-23 16:57:06 -------- d-----w- C:\ProgramData\Kaspersky Lab
2012-05-23 16:57:06 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2012-05-12 03:49:15 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DCD0A8CB-7416-4F92-A4C5-F436B5DDB6BE}\mpengine.dll
2012-05-11 17:53:22 24416 ----a-r- C:\Windows\System32\AdobePDFUI.dll
2012-05-11 05:08:37 -------- d-----w- C:\Users\VaVa\AppData\Roaming\ts3overlay
2012-05-05 12:07:05 8769696 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe
2012-05-05 12:00:59 544032 ----a-w- C:\Windows\System32\npdeployJava1.dll
2012-05-05 11:23:15 -------- d-----w- C:\Program Files (x86)\Mozilla Maintenance Service
2012-05-05 11:12:25 419488 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
.
==================== Find3M ====================
.
2012-05-05 12:07:19 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2012-05-05 12:00:53 525600 ----a-w- C:\Windows\System32\deployJava1.dll
2012-04-04 13:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys
2012-02-26 14:47:02 79360 ----a-w- C:\Windows\SysWow64\ff_vfw.dll
2012-02-26 14:45:54 48128 ----a-w- C:\Windows\SysWow64\ff_acm.acm
.
============= FINISH: 16:12:00,30 ==========


Děkuji

Re: Blokovaný internet kvůli rozesílání spamu

Napsal: 24 kvě 2012 18:27
od Rudy
Zdravím!
Udělejte sken AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 a dejte log.

Re: Blokovaný internet kvůli rozesílání spamu

Napsal: 25 kvě 2012 05:17
od VaVa-CZ
Nic nenalezeno...
Také bych se chtěl zeptat, zdali při případné reinstalaci(formátu systémového disku C) bylo riziko neformátovat druhý disk D na kterém jsou jen data - foto, video, ... Fyzicky mám 1 HDD rozdělené na 2.
A co záloha určitých dokumentů, videí atp z disku C na externí disk?

Re: Blokovaný internet kvůli rozesílání spamu

Napsal: 25 kvě 2012 16:58
od Rudy
Zálohovat na externí disk můžete. Nicméně format, který provede instalační rutina, se v každém případě týká pouze toho disku, na nějž budete systém instalovat. Ostatních oddílů se instalátor nevšímá.
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz