[ stevka @ 08.11.2010. 11:07 ] @
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:05:52 PM, on 11/8/2010
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\System32\msiexec.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\tsnpstd3.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\nn\Desktop\stevka.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: HP Smart Web Printing 1.0 - {AE84A6AA-A333-4B92-B276-C11E2212E4FE} - C:\Program Files\Hewlett-Packard\Smart Web Printing\SmartWebPrinting.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [tsnpstd3] C:\WINDOWS\tsnpstd3.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/downloa...com/dl/yinst/yinst_current.cab
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe

--
End of file - 4258 bytes
[ magna86 @ 08.11.2010. 18:39 ] @
Log je cist...
[ igispasic @ 14.11.2010. 21:20 ] @
moze li pomoc, koristim win7 i od pre nekoliko dana mi javlja u poruci "nvsvc32.exe" u cemu je problem?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:15:46, on 14/11/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Common Files\ACD Systems\EN\DevDetect.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Windows\nvsvc32.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
D:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://googleure.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [NVIDIA driver monitor] C:\Windows\nvsvc32.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Device Detector] DevDetect.exe -autorun
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\Windows\nvsvc32.exe
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -update plugin
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra 'Tools' menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia....ockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

--
End of file - 7811 bytes
[ magna86 @ 15.11.2010. 08:51 ] @
Igore...imenjace...i tvoj log je cist.

Reinstaliraj ili update-uj drajvere od graficke. To bi trebalo resiti problem.
[ NikolaPlavsic @ 19.11.2010. 18:50 ] @
Greška, log nije čist. Korisnik je inficiran trojancem.

nvsvc32.exe MORA da se nalazi u C:\Windows\system32, što u ovom slučaju nije! U pitanju je trojanac koji se krije u C:\Windows\nvsvc32.exe!

• Pokreni HijackThis i klikni na "Do a system scan only".
• Obeleži sledeće redove ispred kukicom :

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O4 - HKLM\..\Run: [NVIDIA driver monitor] C:\Windows\nvsvc32.exe
O4 - HKCU\..\Run: [NVIDIA driver monitor] C:\Windows\nvsvc32.exe

• Klikni na dugme "Fix Checked" i zatvori HijackThis.

1. Skini OTM by OldTimer na svoj desktop sa linka ovde
2. Pokreni ga i u polje "Paste instructions for items to be Moved" kopiraj sledeće:

Citat:
:files
C:\Windows\nvsvc32.exe

[emptytemp]
[purity]


3. Klikni na dugme Move It, a zatim na Clean Up. Ako bude tražio da se računar restartuje, molim te uradi to.

Pozdrav ;)
[ akiko1 @ 27.11.2010. 17:46 ] @
Pozdrav svima,
Da ne bih otvarao novu temu odlucio sam evo ovdje da potrazim pomoc.

Koristim WIN 7 i od prije mjesec dana rad compa je drasticno usporen. Sistem se sporije dize nego inace, ali glavni problem je kada pokusam da se konektujem na net. U tom trenutku procesor sa nekih 40% ode u 100% zauzetosti i tu ostane par minuta, tako da je pokretanje bilo cega veoma sporo (cak i muzika na winampu u tom trenu trza).

Evo saljem HijackThis log. Nadam se da ce biti od pomoci!


Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:38:47, on 27.11.2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16671)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Winamp\winamp.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\harAKIri\Desktop\ESThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GR469A~1.DLL
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - Global Startup: Server4PC.lnk = C:\Program Files\TechniSat DVB\bin\Server4PC.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O17 - HKLM\System\CCS\Services\Tcpip\..\{87CA4998-AA91-4BBF-BE34-AF5A4769E906}: NameServer = 195.222.32.10 195.222.32.20
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GRA32A~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\skype4com.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe

--
End of file - 5074 bytes
[ magna86 @ 28.11.2010. 13:55 ] @
Idemo "dublje" ako zelis tako sto ces preuzeti DDS Program na Desktop
http://download.bleepingcomputer.com/sUBs/dds.com

Dvoklikom pokreni dds i kad zavrsi, DDS ce otvoriti dva loga:
1. DDS.txt
2. Attach.txt
Oba izvestaja sacuvaj na Desktop.
Kopiraj mi DDS.txt
[ akiko1 @ 28.11.2010. 23:22 ] @
DDS (Ver_10-11-27.01) - NTFSx86
Run by harAKIri at 0:17:32,42 on pon 29.11.2010
Internet Explorer: 8.0.7600.16385
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.387.1033.18.1024.585 [GMT 1:00]


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\Ati2evxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\Dwm.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\TechniSat DVB\bin\Server4PC.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Users\harAKIri\Desktop\dds.com
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = about:blank
mStart Page = about:blank
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [egui] "c:\program files\eset\eset smart security\egui.exe" /hide /waitservice
mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
mRun: [SoundMan] SOUNDMAN.EXE
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe"
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\server~1.lnk - c:\program files\technisat dvb\bin\Server4PC.exe
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
mPolicies-system: PromptOnSecureDesktop = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: Send by Bluetooth - c:\program files\ivt corporation\bluesoleil\transsend\ie\tsinfo.htm
IE: Send via &Message... - c:\program files\ivt corporation\bluesoleil\transsend\ie\tssms.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab
TCP: {87CA4998-AA91-4BBF-BE34-AF5A4769E906} = 195.222.32.10 195.222.32.20
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GRA32A~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\windows\system32\skype4com.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GR469A~1.DLL

================= FIREFOX ===================

FF - ProfilePath - c:\users\harakiri\appdata\roaming\mozilla\firefox\profiles\uqln6bt9.default\
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\win7codecs\rm\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\win7codecs\rm\browser\plugins\nprpjplug.dll
FF - plugin: c:\users\harakiri\appdata\local\google\update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\users\harakiri\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\harakiri\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: DownloadHelper: {b9db16a4-6edc-47ec-a1f4-b86292ed211d} - c:\users\harakiri\appdata\roaming\mozilla\firefox\profiles\uqln6bt9.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

============= SERVICES / DRIVERS ===============

R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [2009-1-7 20744]
R2 ekrn;ESET Service;c:\program files\eset\eset smart security\ekrn.exe [2009-9-11 735960]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2009-9-11 38240]
R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-9-4 304464]
R3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [2008-12-7 30088]
R3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [2008-7-2 26248]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-9-4 20952]
R3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\drivers\SkyNET.sys [2010-1-10 507408]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2010\TuneUpUtilitiesDriver32.sys [2009-10-14 10064]
S4 BsMobileCS;BsMobileCS;c:\program files\ivt corporation\bluesoleil\BsMobileCS.exe [2009-2-27 143467]
S4 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2010\TuneUpUtilitiesService32.exe [2009-12-17 1044808]

=============== Created Last 30 ================

2010-11-28 22:32:40 15256 ----a-w- c:\users\harakiri\appdata\roaming\microsoft\identitycrl\production\ppcrlconfig.dll
2010-11-28 16:58:52 6273872 ----a-w- c:\progra~2\microsoft\windows defender\definition updates\{95663f62-1288-4c1c-a8a0-3a61b5a4b8d4}\mpengine.dll
2010-11-28 15:22:02 -------- d-----w- c:\program files\Best Spyware Scanner
2010-11-28 14:29:09 -------- d-----w- c:\program files\CCleaner
2010-11-27 14:46:24 -------- d-sh--w- C:\$RECYCLE.BIN
2010-11-27 14:32:45 98816 ----a-w- c:\windows\sed.exe
2010-11-27 14:32:45 89088 ----a-w- c:\windows\MBR.exe
2010-11-27 14:32:45 256512 ----a-w- c:\windows\PEV.exe
2010-11-27 14:32:45 161792 ----a-w- c:\windows\SWREG.exe
2010-11-27 10:11:21 -------- d-----w- c:\progra~2\Kaspersky Lab Setup Files
2010-11-26 15:49:47 -------- d-----w- c:\program files\Loaris
2010-11-15 00:13:04 -------- d-----w- c:\windows\sr-Latn-CS
2010-11-15 00:12:59 -------- d-----w- c:\windows\system32\drivers\sr-Latn-CS
2010-11-15 00:12:58 -------- d-----w- c:\windows\system32\wbem\sr-Latn-CS
2010-11-14 23:35:19 -------- d-----w- c:\windows\hr-HR
2010-11-14 23:35:18 -------- d-----w- c:\windows\system32\drivers\hr-HR
2010-11-14 23:35:12 -------- d-----w- c:\windows\system32\wbem\hr-HR
2010-11-14 17:50:20 293376 ----a-w- c:\windows\system32\browserchoice.exe

==================== Find3M ====================

2010-10-19 09:41:44 222080 ------w- c:\windows\system32\MpSigStub.exe
2010-09-08 04:30:04 978432 ----a-w- c:\windows\system32\wininet.dll
2010-09-08 04:28:15 44544 ----a-w- c:\windows\system32\licmgr10.dll
2010-09-08 03:22:31 386048 ----a-w- c:\windows\system32\html.iec
2010-09-08 02:48:16 1638912 ----a-w- c:\windows\system32\mshtml.tlb
2010-09-01 04:23:49 12625408 ----a-w- c:\windows\system32\wmploc.DLL
2010-09-01 02:34:52 2327552 ----a-w- c:\windows\system32\win32k.sys
2010-08-31 04:32:30 954752 ----a-w- c:\windows\system32\mfc40.dll
2010-08-31 04:32:30 954288 ----a-w- c:\windows\system32\mfc40u.dll

============= FINISH: 0:19:22,47 ===============
[ magna86 @ 30.11.2010. 11:24 ] @
Pokretao si ComboFix ...
Uz poruku mi prikaci njegov log nalazi se na C particiji:
[ akiko1 @ 01.12.2010. 23:12 ] @
I izbrisao prije nego sam procitao tvoju zadnju poruku. Zatim sam ga pokusao opet skinuti i pokrenuti, ali nije uspjevalo jer pokrene se i izgasi odmah. Onda od muke formatirao disk i evo sad je sve OK!
Hvalla ti na pomoci u svakom slucaju.
Lijep pozdrav!
[ vlada98 @ 19.07.2011. 08:10 ] @
moze li pomoc, koristim win7 i od pre nekoliko dana mi javlja u poruci "nvsvc32.exe" u cemu je problem?
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:03:13, on 19.7.2011
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Uniblue\SpeedUpMyPC\spmonitor.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\vujosevic1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\vujosevic1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\vujosevic1\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

O4 - HKCU\..\Run: [SpeedUpMyPC] "C:\Program Files\Uniblue\SpeedUpMyPC\launcher.exe" delay 20000
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 1390 bytes
[ Vodomar @ 19.07.2011. 12:31 ] @
po ovome koristiš xp a fajl je od graficke pokusaj reinstalaciju ponovo downloaduj drajver sa nvidijinog sajta

http://software.benchmark.rs/h...ja_drajvera_za_grafichke_karte
[ kristi1 @ 19.07.2011. 17:30 ] @
HijackThis se poodavno ne koristi za analizu sistema na malware jer ne vidi nista.

primer:

Avast instalira nekoliko drajvera i servisa. HJT je prikazao samo jedan service, gde su drajveri u kernel modu?
Sta je sa startup-om.

Shvatas o cemu pricam.

Drugo, trazio si pomoc u temi koja nema veze sa tvojim slucajem, ajde ok, ali da si samo iole pogledao temu iznad video bi sta je @magna86 trazio korisniku posle HJT-a (nije ga ni pogledao) iz razloga koji sam vec naveo.

Citat:
moze li pomoc, koristim win7 i od pre nekoliko dana mi javlja u poruci "nvsvc32.exe" u cemu je problem?



Da li je ovo opis problema ili mozda mi imamo carobnu kuglu pa vidimo sta se dogadja na tvom "Win7" sistemu.


[ hejejj @ 20.07.2011. 03:28 ] @
i meni cudno radi windows jel neko prmjecuje nesto sumnjivo ovamo?
DDS (Ver_2011-07-14.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_26
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.381.1033.18.4095.1969 [GMT 2:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Anti-Virus *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\PixArt\Pac207\Monitor.exe
C:\Program Files (x86)\RocketDock\RocketDock.exe
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtblfs.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashUtil10u_ActiveX.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit = userinit.exe
BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
uRun: [RocketDock] "C:\Program Files (x86)\RocketDock\RocketDock.exe"
uRun: [Facebook Update] "C:\Users\laki\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\laki\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: HideFastUserSwitching = dword:1
mPolicies-Explorer: NoClose = dword:1
mPolicies-Explorer: NoLogoff = dword:1
mPolicies-System: DisableTaskMgr = dword:1
mPolicies-System: DisableChangePassword = dword:1
mPolicies-System: DisableLockWorkstation = dword:1
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
DPF: {7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D} - hxxps://browsercheck.qualys.com/qbc_ax.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{E400C0B0-5D13-4C50-8A74-B27B4BF6E923} : DHCPNameServer = 192.168.1.254
SSODL: WebCheck - <orphaned>
x64-BHO: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll
x64-BHO: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
x64-IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\ievkbd.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\x64\klwtbbho.dll
x64-Notify: klogon - C:\Windows\System32\klogon.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\laki\AppData\Roaming\Mozilla\Firefox\Profiles\gaq3idqz.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Users\laki\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Users\laki\AppData\Roaming\Mozilla\Firefox\Profiles\gaq3idqz.default\extensions\{7D2FB79E-E58C-4DB5-A36F-AC1C73967F4D}\plugins\npqbc.dll
FF - plugin: C:\Users\laki\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\laki\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;C:\Windows\System32\drivers\kl2.sys [2011-3-4 11864]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2011-3-10 29488]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [2011-4-24 202296]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-7-15 366640]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-6-16 2214504]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\System32\drivers\klmouflt.sys [2009-11-2 22544]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2011-6-16 25912]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\System32\drivers\nvhda64v.sys [2011-6-16 174184]
S3 PAC207;SoC PC-Camera;C:\Windows\System32\drivers\PFC027.SYS [2006-12-5 572416]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-6-28 1255736]
.
=============== Created Last 30 ================
.
2011-07-19 17:51:40 8873296 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{9A123CCF-F7E1-461F-B635-D86BFBCCE063}\mpengine.dll
2011-07-18 16:54:16 -------- d-----w- C:\Users\laki\AppData\Local\SKIDROW
2011-07-18 16:33:57 -------- d-----w- C:\Program Files (x86)\Valve
2011-07-17 19:12:52 197728 ----a-w- C:\Windows\WinVd32.sys
2011-07-17 19:12:49 7680 ----a-w- C:\Windows\SysWow64\WinFLsrv.exe
2011-07-17 19:12:46 -------- d-----w- C:\Program Files (x86)\Folder Lock 6
2011-07-14 00:28:09 -------- d-----w- C:\Program Files\Speccy
2011-07-13 16:43:51 -------- d-----w- C:\Users\laki\AppData\Local\{91BA557B-1CBD-41A9-B170-3511B240FC28}
2011-07-12 16:07:13 -------- d-----w- C:\Users\laki\AppData\Local\{6F42191F-1BAE-47E4-94B5-B486C37B43B3}
2011-07-11 17:05:19 -------- d-----w- C:\Users\laki\AppData\Local\{1B8755D5-4592-4FB7-A35C-DCDE6B790259}
2011-07-11 05:16:28 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll
2011-07-11 05:16:28 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll
2011-07-11 05:13:23 -------- d-----w- C:\Users\laki\AppData\Roaming\FLV Extract
2011-07-11 05:04:55 -------- d-----w- C:\Users\laki\AppData\Local\{767E6407-6358-430F-BEAF-ED478DD43682}
2011-07-11 04:58:19 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\26da4f2d1cc3f870c\DSETUP.dll
2011-07-11 04:58:19 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\26da4f2d1cc3f870c\DXSETUP.exe
2011-07-11 04:58:19 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\26da4f2d1cc3f870c\dsetup32.dll
2011-07-11 04:58:12 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\222adfed1cc3f870b\DSETUP.dll
2011-07-11 04:58:12 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\222adfed1cc3f870b\DXSETUP.exe
2011-07-11 04:58:12 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\222adfed1cc3f870b\dsetup32.dll
2011-07-11 04:56:29 -------- d-----w- C:\Users\laki\AppData\Local\Windows Live
2011-07-11 04:56:28 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live
2011-07-11 01:39:31 -------- d-----w- C:\Program Files (x86)\FreeTime
2011-07-11 01:30:27 -------- d-----w- C:\Program Files\Avidemux 2.5
2011-07-11 01:27:15 -------- d-----w- C:\Users\laki\AppData\Roaming\Boilsoft
2011-07-11 01:17:04 -------- d-----w- C:\Users\laki\AppData\Roaming\avidemux
2011-07-10 20:07:29 -------- d-----w- C:\Users\laki\AppData\Roaming\ThemeManager
2011-07-10 16:24:37 147856 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\[email protected]_bak2\components\kavlinkfilter.dll
2011-07-10 16:24:10 -------- d-----w- C:\ProgramData\Kaspersky Lab
2011-07-10 16:24:10 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2011-07-10 00:06:08 -------- d-----w- C:\Users\laki\Screenshots
2011-07-10 00:05:05 -------- d-----w- C:\Users\laki\AppData\Local\ScreenCapture
2011-07-10 00:05:03 -------- d-----w- C:\Program Files (x86)\Screen Capturer
2011-07-10 00:04:46 -------- d-----w- C:\ProgramData\ScreenCapture
2011-07-09 17:04:11 -------- d-----w- C:\Windows\PixArt
2011-07-06 21:10:51 -------- d-----w- C:\Users\laki\AppData\Local\Facebook
2011-07-06 02:23:41 -------- d-----w- C:\Users\laki\AppData\Roaming\qualys
2011-07-06 00:21:51 2851840 ----a-w- C:\Windows\System32\themeui.dll.backup
2011-07-06 00:21:50 44544 ----a-w- C:\Windows\System32\themeservice.dll.backup
2011-07-06 00:21:50 332288 ----a-w- C:\Windows\System32\uxtheme.dll.backup
2011-07-06 00:21:49 95080 ----a-w- C:\Windows\UXThemePatcher.exe
2011-07-04 20:02:35 -------- d-----w- C:\Users\laki\AppData\Roaming\picpick
2011-07-02 15:23:06 -------- d-----w- C:\Users\laki\AppData\Roaming\LibreOffice
2011-07-02 15:22:41 -------- d-----w- C:\Windows\ShellNew
2011-07-02 15:22:16 -------- d-----w- C:\Program Files (x86)\LibreOffice 3.4
2011-07-02 06:23:47 -------- d-----w- C:\ProgramData\Caphyon
2011-07-02 06:23:46 -------- d-----w- C:\Users\laki\AppData\Local\Martview
2011-07-02 06:16:53 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2011-07-02 06:13:41 -------- d-----w- C:\Users\laki\Calibre biblioteka
2011-07-02 06:13:40 -------- d-----w- C:\Users\laki\AppData\Roaming\calibre
2011-07-02 06:13:33 -------- d-----w- C:\Program Files (x86)\Calibre2
2011-07-02 02:41:51 -------- d-----w- C:\Users\laki\AppData\Roaming\Mp3tag
2011-07-02 01:30:24 -------- d-----w- C:\Program Files (x86)\Mp3tag
2011-06-30 20:51:22 -------- d-----w- C:\Program Files (x86)\DtsFilter
2011-06-30 01:40:01 -------- d-----w- C:\Users\laki\AppData\Roaming\PeaZip
2011-06-30 01:39:33 -------- d-----w- C:\Program Files\PeaZip
2011-06-29 21:25:21 -------- d-----w- C:\icons
2011-06-29 21:09:53 -------- d-----w- C:\Program Files (x86)\RocketDock
2011-06-28 20:34:22 -------- d-----w- C:\Users\laki\AppData\Local\Adobe
2011-06-21 14:39:38 712976 ----a-w- C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
.
==================== Find3M ====================
.
2011-07-06 17:52:42 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-07-06 17:52:42 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-07-06 02:24:18 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-07-06 00:21:51 2851840 ----a-w- C:\Windows\System32\themeui.dll
2011-07-06 00:21:50 44544 ----a-w- C:\Windows\System32\themeservice.dll
2011-07-06 00:21:50 332288 ----a-w- C:\Windows\System32\uxtheme.dll
2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys
2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe
2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-06-03 05:57:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-06-03 05:56:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-05-31 16:45:26 1404928 ----a-w- C:\Windows\System32\RCoRes64.dat
2011-05-31 15:21:28 2886888 ----a-w- C:\Windows\System32\drivers\RTKVHD64.sys
2011-05-31 14:38:54 91240 ----a-w- C:\Windows\System32\RCoInst64.dll
2011-05-31 08:09:30 3114088 ----a-w- C:\Windows\System32\RtkAPO64.dll
2011-05-31 07:42:06 728680 ----a-w- C:\Windows\System32\DTSBassEnhancementDLL64.dll
2011-05-31 07:42:06 712296 ----a-w- C:\Windows\System32\DTSSymmetryDLL64.dll
2011-05-31 07:42:06 693352 ----a-w- C:\Windows\System32\DTSVoiceClarityDLL64.dll
2011-05-31 07:42:06 491112 ----a-w- C:\Windows\System32\DTSNeoPCDLL64.dll
2011-05-31 07:42:06 432744 ----a-w- C:\Windows\System32\DTSLimiterDLL64.dll
2011-05-31 07:42:06 428648 ----a-w- C:\Windows\System32\DTSGainCompensatorDLL64.dll
2011-05-31 07:42:06 242792 ----a-w- C:\Windows\System32\DTSLFXAPO64.dll
2011-05-31 07:42:06 242792 ----a-w- C:\Windows\System32\DTSGFXAPO64.dll
2011-05-31 07:42:06 241768 ----a-w- C:\Windows\System32\DTSGFXAPONS64.dll
2011-05-31 07:42:06 1756264 ----a-w- C:\Windows\System32\DTSS2SpeakerDLL64.dll
2011-05-31 07:42:06 1568360 ----a-w- C:\Windows\System32\DTSS2HeadphoneDLL64.dll
2011-05-31 07:42:06 1486952 ----a-w- C:\Windows\System32\DTSBoostDLL64.dll
2011-05-27 15:58:00 1284712 ----a-w- C:\Windows\RtlExUpd.dll
2011-05-24 17:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe
2011-05-24 13:01:12 1559656 ----a-w- C:\Windows\System32\RTSnMg64.cpl
2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
2011-05-23 15:12:36 1245288 ----a-w- C:\Windows\System32\RTCOM64.dll
2011-05-20 08:44:02 2405992 ----a-w- C:\Windows\System32\RtPgEx64.dll
2011-05-05 13:24:02 2085440 ----a-w- C:\Windows\System32\FMAPO64.dll
2011-05-05 12:15:00 220512 ----a-w- C:\Windows\System32\SFNHK64.dll
2011-05-05 12:14:56 78176 ----a-w- C:\Windows\System32\SFAPO64.dll
2011-05-05 12:14:52 81248 ----a-w- C:\Windows\System32\SFCOM64.dll
2011-05-04 05:25:03 2315776 ----a-w- C:\Windows\System32\tquery.dll
2011-05-04 05:22:25 778752 ----a-w- C:\Windows\System32\mssvp.dll
2011-05-04 05:22:25 2223616 ----a-w- C:\Windows\System32\mssrch.dll
2011-05-04 05:22:24 75264 ----a-w- C:\Windows\System32\msscntrs.dll
2011-05-04 05:22:24 491520 ----a-w- C:\Windows\System32\mssph.dll
2011-05-04 05:22:24 288256 ----a-w- C:\Windows\System32\mssphtb.dll
2011-05-04 05:19:28 591872 ----a-w- C:\Windows\System32\SearchIndexer.exe
2011-05-04 05:19:28 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe
2011-05-04 05:19:28 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe
2011-05-04 04:34:43 1549312 ----a-w- C:\Windows\SysWow64\tquery.dll
2011-05-04 04:32:02 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll
2011-05-04 04:32:01 337408 ----a-w- C:\Windows\SysWow64\mssph.dll
2011-05-04 04:32:01 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll
2011-05-04 04:32:01 1401344 ----a-w- C:\Windows\SysWow64\mssrch.dll
2011-05-04 04:32:00 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll
2011-05-04 04:28:31 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe
2011-05-04 04:28:31 427520 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe
2011-05-04 04:28:31 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe
2011-05-03 05:29:29 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-05-03 04:30:02 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-05-02 12:27:56 118104 ----a-w- C:\Windows\System32\R4EEA64A.dll
2011-05-02 12:27:54 74072 ----a-w- C:\Windows\System32\R4EEG64A.dll
2011-05-02 12:27:54 426328 ----a-w- C:\Windows\System32\R4EED64A.dll
2011-05-02 12:27:54 3308376 ----a-w- C:\Windows\System32\R4EEP64A.dll
2011-05-02 12:27:54 136024 ----a-w- C:\Windows\System32\R4EEL64A.dll
2011-04-29 03:06:10 467456 ----a-w- C:\Windows\System32\drivers\srv.sys
2011-04-29 03:05:49 410112 ----a-w- C:\Windows\System32\drivers\srv2.sys
2011-04-29 03:05:37 168448 ----a-w- C:\Windows\System32\drivers\srvnet.sys
2011-04-28 03:55:08 552960 ----a-w- C:\Windows\System32\drivers\bthport.sys
2011-04-28 03:54:56 80384 ----a-w- C:\Windows\System32\drivers\BTHUSB.SYS
2011-04-27 02:40:40 158208 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2011-04-27 02:39:40 289280 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2011-04-27 02:39:37 128000 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2011-04-25 05:33:51 1923968 ----a-w- C:\Windows\System32\drivers\tcpip.sys
2011-04-25 02:34:03 499200 ----a-w- C:\Windows\System32\drivers\afd.sys
2011-04-24 21:14:48 234896 ----a-w- C:\Windows\System32\klogon.dll
2011-04-22 22:15:29 27520 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
[ bojan_bozovic @ 20.07.2011. 04:50 ] @
Code:
mPolicies-System: DisableTaskMgr = dword:1
mPolicies-System: DisableChangePassword = dword:1


Mora da imaš neki virus. Na tvom mestu napravio bih backup i uradio bih clean install, jer HijackThis ne može da ukaže na sve što je promenjeno u registry (čak i Run ključevi, ne ispisuje ih sve!)

Poz.
[ hejejj @ 22.07.2011. 01:19 ] @
Pa je li to samo tvoja pretpostavka ili je sigurno da imam virus? I kakav bi to virus mogao da bude a i cudno mi je da antivirus nista ne nalazi :/
[ bojan_bozovic @ 22.07.2011. 06:12 ] @
Sigurno je da imaš kad je task manager onesposobljen, i onemogućeno menjanje lozinke! Ili si to ti uradio sam u Local Group Policy editoru (gpedit.msc) ili je to uradio malware.

Ne nagadjam, znači, jeste. A što se AV tiče, i nesposobnosti da otkriju malware, to nek te ne čudi. "XP Black edition" i slični dolazili su puni malwarea i sa instaliranim AV programom koji ništa nije upozoravao. :)
[ valjan @ 22.07.2011. 08:08 ] @
Imas gomilu kojekakvih utilityja instalirano, vecinu u proteklih mesec dana. Neki od njih su stalno aktivni, pa obrati paznju koliko trose RAM-a i CPU, a za one ostale, ako nisu freeware, a nisi ih platio, dobro proveri "registraciju" koju si koristio (preporucujem http://www.virustotal.com). Postoji mogucnost i da je neki od njih menjao sistemske fajlove, bacio sam pogled na par komada da vidim cemu sluze, i neki od njih bi mogli biti potencijalni kandidati za brljanje po sistemu.

Sto se tice toga da AV nista ne detektuje, jedan AV nikad nije dovoljan da sa sigurnoscu znas da li nesto jeste ili nije virus. Danas kada se malware broji u milionima razlicitih vrsta, nerealno je ocekivati da ce neki AV softver moci da prepozna bas svaki primerak. Znaci, ako AV tvrdi da nemas virusa, ne znaci da je to 100% tacno, a isto tako i ako tvrdi da je neki fajl zarazen, opet ne mora biti 100% sigurno da je bas tako. Najgore je kad mislis da je sasvim dovoljno da instaliras AV i da onda mozes da radis sta hoces i kako hoces, a u stvari bezbednost zavisi od tebe samog.

E sad, ako si vec postavio pitanje na ovom forumu, znaci da i ti sam sumnjas da ti je racunar zarazen, i ako ti jos neko to potvrdi, cemu onda tolika sumnja? Uzmi, brate pa skeniraj jos necim, imas i online AV skenera koje ni ne moras instalirati, imas i LiveCD skenera koje takodje ne moras instalirati, imas i specijalizovanih skenera koje samo pokrenes na zarazenom sistemu, pa oni uklone one gadnije napasti, a onda tvoj redovan AV moze da se pozabavi sa onim preostalim bezazelnijim... Mislim, instalirao si toliki broj kojekakvih kojestarija, a mrsko ti je da poteras jos jedan AV kad ti to neko zatrazi?
[ hejejj @ 22.07.2011. 15:46 ] @
Pa jesam se bavio nekim passwordima nemam pojma sta sam tu radio a kad udjem u local grups ne mogu da mu pristupim jer koristim home premium...e vala ne znam bas nesto o tim racunarima tako da valjda sad pisem nesto sto nema veze sa tim sto kazete...ukoliko imam virus onda je on dasao sa windowsom
[ Vodomar @ 22.07.2011. 17:18 ] @
Nisu problem lozinke već programčići koji su bili u torrentu a služe da naprave lozinku ili da se dodaju u regularni programski folder.Prvo deinstaliraj sve sto si nakrcao a onda iskeniraj sistem sa malwarebytsom i sa http://www.surfright.nl/en/hitmanpro i ovaj je dobar
http://www.eset.com/us/online-scanner (ovo mozes i skinuti pa updateovati)
Obavezno isključi KAV tokom skeniranja.

[Ovu poruku je menjao Vodomar dana 22.07.2011. u 18:31 GMT+1]
[ hejejj @ 23.07.2011. 04:48 ] @
Axa znaci ovo sto su mi oni pricali nije virus vec ima neke veze sa torentom? Trenutno nemam vremena da probam da skeniram komp. Sa ovim programima sto si mi dao pa kad budem imao uradicu... Drago mi je da ono nije nikakav virus ako si to htio da kazes
[ Vodomar @ 23.07.2011. 08:41 ] @
ovako...hm...programčići o kojima sam govorio su vrlo često virusi.a torrent je čest put zaraze tako da nemoj da se zavaravaš nego odradi to :D
[ hejejj @ 01.08.2011. 14:56 ] @
evo nasao mi je ovaj antivirus sto si mi dao ovo je li to to? to je bio virus neki?
[ Aleksandar Maletic @ 01.08.2011. 19:28 ] @
Hitman Pro je detektovao sumnjivo ponasanje koje nije karakteristicno za sistem koji normalno radi. Ako je Task Manager onesposobljen velika je verovatnoca da je malware to prouzrokovao. U tvom slucaju, malware vise nije prisutan, ali su ostale posledice. Hitman ti je ponudio Repair Task Manager-a, odradi to.
[ hejejj @ 04.08.2011. 22:21 ] @
moze li neko da mi kaze ima li sta ovamo ovo je jedan drugi windows cini mi se da u njega nema upakovan virus kao u onaj
.
DDS (Ver_2011-06-23.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by laki at 23:17:15 on 2011-08-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1250.381.1033.18.4095.3174 [GMT 2:00]
.
AV: Kaspersky Anti-Virus *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Anti-Virus *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
mWinlogon: Userinit=userinit.exe
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
StartupFolder: C:\Users\laki\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
TCP: DhcpNameServer = 192.168.1.254
TCP: Interfaces\{9462F3A6-F686-4A8A-AFA8-AC883CBE4582} : DhcpNameServer = 192.168.1.254
BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\ievkbd.dll
BHO-X64: IEVkbdBHO - No File
BHO-X64: FilterBHO Class: {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\klwtbbho.dll
BHO-X64: link filter bho - No File
mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe"
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\laki\AppData\Roaming\Mozilla\Firefox\Profiles\lbr8e0ms.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.facebook.com/
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?]
R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 2012\avp.exe [2011-4-24 202296]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-8-4 2214504]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
.
=============== Created Last 30 ================
.
2011-08-04 15:37:43 -------- d-----w- C:\Windows\System32\SPReview
2011-08-04 15:37:32 -------- d-----w- C:\Windows\System32\EventProviders
2011-08-04 15:35:59 485888 ----a-w- C:\Windows\System32\secproc_isv.dll
2011-08-04 15:34:59 82944 ----a-w- C:\Windows\SysWow64\iccvid.dll
2011-08-04 15:33:58 529408 ----a-w- C:\Windows\System32\wbemcomn.dll
2011-08-04 14:47:52 -------- d-----w- C:\Windows\SysWow64\Wat
2011-08-04 14:47:52 -------- d-----w- C:\Windows\System32\Wat
2011-08-04 12:43:26 -------- d-----w- C:\Windows\Panther
2011-08-04 11:50:30 -------- d-----w- C:\Users\laki\AppData\Local\WindowsUpdate
2011-08-04 04:03:03 294912 ----a-w- C:\Windows\System32\browserchoice.exe
2011-08-04 03:53:27 -------- d-----w- C:\Users\laki\AppData\Roaming\Rainmeter
2011-08-04 03:53:22 -------- d-----w- C:\Program Files\Rainmeter
2011-08-04 03:36:34 -------- d-----w- C:\ProgramData\Kaspersky Lab
2011-08-04 03:36:34 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab
2011-08-04 03:36:17 -------- d-sh--w- C:\Windows\Installer
2011-08-04 03:29:30 23112 ----a-w- C:\Windows\System32\drivers\hitmanpro35.sys
2011-08-04 03:29:13 -------- d-----w- C:\Program Files\Hitman Pro 3.5
2011-08-04 03:29:07 -------- d-----w- C:\ProgramData\Hitman Pro
2011-08-04 03:20:42 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A1D7C883-516C-4B35-93E3-A6C51F5AA90C}\mpengine.dll
2011-08-04 03:14:26 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2011-08-04 03:14:26 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2011-08-04 03:14:06 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-08-04 03:11:07 31232 ----a-w- C:\Windows\SysWow64\prevhost.exe
2011-08-04 03:11:07 31232 ----a-w- C:\Windows\System32\prevhost.exe
2011-08-04 03:11:04 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-08-04 03:11:04 741376 ----a-w- C:\Windows\SysWow64\inetcomm.dll
2011-08-04 03:10:59 90624 ----a-w- C:\Windows\System32\drivers\bowser.sys
2011-08-04 03:00:22 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2011-08-04 03:00:09 739432 ----a-w- C:\Windows\System32\easyupdatusapiu64.dll
2011-08-04 03:00:09 6300776 ----a-w- C:\Windows\System32\nvcpl.dll
2011-08-04 03:00:09 61544 ----a-w- C:\Windows\System32\nvshext.dll
2011-08-04 03:00:09 3040872 ----a-w- C:\Windows\System32\nvsvc64.dll
2011-08-04 03:00:09 117864 ----a-w- C:\Windows\System32\nvmctray.dll
2011-08-04 03:00:09 1016936 ----a-w- C:\Windows\System32\nvvsvc.exe
2011-08-04 03:00:06 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2011-08-04 02:54:47 995328 ----a-w- C:\Program Files\Common Files\Microsoft Shared\VGX\VGX.dll
.
==================== Find3M ====================
.
2011-08-04 15:42:11 175616 ----a-w- C:\Windows\System32\msclmd.dll
2011-08-04 15:42:11 152576 ----a-w- C:\Windows\SysWow64\msclmd.dll
2011-06-11 03:07:25 3137536 ----a-w- C:\Windows\System32\win32k.sys
2011-06-03 06:57:45 362496 ----a-w- C:\Windows\System32\wow64win.dll
2011-06-03 06:57:45 243200 ----a-w- C:\Windows\System32\wow64.dll
2011-06-03 06:57:45 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2011-06-03 06:57:44 214528 ----a-w- C:\Windows\System32\winsrv.dll
2011-06-03 06:57:38 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
2011-06-03 06:56:38 421888 ----a-w- C:\Windows\System32\KernelBase.dll
2011-06-03 06:53:33 338944 ----a-w- C:\Windows\System32\conhost.exe
2011-06-03 06:00:53 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2011-06-03 05:57:52 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2011-06-03 05:57:33 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2011-06-03 05:56:12 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2011-06-03 05:56:11 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2011-06-03 03:53:31 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2011-06-03 03:53:31 2048 ----a-w- C:\Windows\SysWow64\user.exe
2011-06-03 03:48:32 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2011-06-03 03:48:31 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2011-06-03 03:48:31 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2011-06-03 03:48:31 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2011-05-24 11:42:55 404480 ----a-w- C:\Windows\System32\umpnpmgr.dll
2011-05-24 10:40:05 64512 ----a-w- C:\Windows\SysWow64\devobj.dll
2011-05-24 10:40:05 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll
2011-05-24 10:39:38 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll
2011-05-24 10:37:54 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe
[ hejejj @ 06.08.2011. 04:16 ] @
samo me interesuje sta je ovo sto mi je hitman pronasao


<?xml version="1.0"?>
-<Log filesProcessed="10877" timeSpentInSecs="58" reboot="yes" date="2011-08-06T05:09:33" version="3.5.9.127" scan="EWS" computer="LAKI-PC">-<
Item status="None" score="-93.0" type="EWS"><
File hash="D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9" path="C:\Windows\system32\DRIVERS\usbehci.sys"/>-<Startup><
Key path="HKLM\SYSTEM\CurrentControlSet\Services\usbehci\"/></Startup></Item>-<Item status="PendingDelete" score="7.0" type="EWS"><File hash="776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0" path="C:\Windows\system32\drivers\usbohci.sys"/>-<Startup>
<Key path="HKLM\SYSTEM\CurrentControlSet\Services\usbohci\"/>
</Startup>
</Item>-
<Item status="None" score="-93.0" type="EWS">
<File hash="C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25" path="C:\Windows\system32\DRIVERS\usbuhci.sys"/>-<Startup>
<Key path="HKLM\SYSTEM\CurrentControlSet\Services\usbuhci\"/>
</Startup>
</Item>
</Log>
je li ovo isto neki virus?
ovaj hitman je bas cudan jedini on mi nalazi sve i svasta
[ kristi1 @ 06.08.2011. 08:18 ] @
Nije virus http://www.bleepingcomputer.com/filedb/usbehci.sys-2937.html

Obrisi taj program sta ce ti to.
[ Aleksandar Maletic @ 06.08.2011. 11:32 ] @
@hejejj,
Hitman Pro ti je stvarno bespotreban, deinstaliraj ga. To je pre svega komercijalan program, ujedno mi se i ne cini preterano pouzdanim. Pretpostavljam da vec koristis neki antivirus, gledaj da bude legalan: ili licenciran, placen ili besplatna verzija tipa Avast, Avira, AVG, MSE...
Uz antivirus koristi dodatak u vidu antispyware/antimalware programa (Malwarebytes' Anti-Malware, SuperAntiSpyware) i povremeno skeniraj kompletan hard disk.
[ Vodomar @ 06.08.2011. 13:19 ] @
ovaj...pa ne bi toliko da napadam hitmanpro jer meni nije brljavio pa ga koristim.elem...ovaj a ta tvoja kopija windowsa je isto doshla preko torrenta?
odradi i ovo:
Idi u Start meni>AlL Programs>Accessories>Command Prompt(desni kilk Run as Administrator)
onda kucaj ovu komandu:

SFC /SCANNOW

(onda lupi ENTER)
Onda sačekaj da završi pa javi šta kaže

[Ovu poruku je menjao Vodomar dana 06.08.2011. u 14:47 GMT+1]
[ Aleksandar Maletic @ 06.08.2011. 13:44 ] @
Citat:
ovaj...pa ne bi toliko da napadam hitmanpro jer meni nije brljavio pa ga koristim.

Nisam imao nameru da pljujem po programu, koristio sam ga odredjeno vreme. Ne zameri.
Jednostavno mi nije po meri. Neverujem mu preterano.
[ Vodomar @ 06.08.2011. 13:48 ] @
ma ok ne vezujem se emotivno za programe haha
[ hejejj @ 06.08.2011. 15:47 ] @
odradio sam SFC /SCANNOW
windows resource protection did not find any integrity violations.
ok nema nista.. :P
[ Goran Mijailovic @ 06.08.2011. 17:13 ] @
Citat:
kristi1: Nije virus http://www.bleepingcomputer.com/filedb/usbehci.sys-2937.html

Obrisi taj program sta ce ti to.
Citat:
hejejj: samo me interesuje sta je ovo sto mi je hitman pronasao


<?xml version="1.0"?>
-<Log filesProcessed="10877" timeSpentInSecs="58" reboot="yes" date="2011-08-06T05:09:33" version="3.5.9.127" scan="EWS" computer="LAKI-PC">-<
Item status="None" score="-93.0" type="EWS"><
File hash="D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9" path="C:\Windows\system32\DRIVERS\usbehci.sys"/>-<Startup><
Key path="HKLM\SYSTEM\CurrentControlSet\Services\usbehci\"/></Startup></Item>-<Item status="PendingDelete" score="7.0" type="EWS"><File hash="776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0" path="C:\Windows\system32\drivers\usbohci.sys"/>-<Startup>
<Key path="HKLM\SYSTEM\CurrentControlSet\Services\usbohci\"/>
</Startup>
</Item>-
<Item status="None" score="-93.0" type="EWS">
<File hash="C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25" path="C:\Windows\system32\DRIVERS\usbuhci.sys"/>-<Startup>
<Key path="HKLM\SYSTEM\CurrentControlSet\Services\usbuhci\"/>
</Startup>
</Item>
</Log>
je li ovo isto neki virus?
ovaj hitman je bas cudan jedini on mi nalazi sve i svasta :)


Da li vas dvojica primecujete razliku izmedju usbuhci, usbohci i usbehci? Sve tri reci se pojavljuju na citiranim slikama i logovima?!
[ hejejj @ 06.08.2011. 17:26 ] @
i sta bi to trebalo da znaci? :-)
[ kristi1 @ 06.08.2011. 17:26 ] @
Sve je to legalno "Microsoft USB Universal Host Controller Miniport Driver"
[ Vodomar @ 06.08.2011. 19:40 ] @
pa ako nema nekih problema to je to.ili ga deinstaliraj ili prijavi lažno pozitivan nalaz(što bi ja uradio) klikom na Ignore gore desno.Bitno je da skeniraš komp redovno legalnim softverom-da li će to biti besplatan softver ili neka poklon licenca nebitno je samo nemoj da koristiš softver koji dolazi sa sumnjivih sajtova-obrati pažnju na WOT rang ili da koristiš licence čije je poreklo takođe sumnjivo.Kasperski ili ESET to provale.A na skidanje sigurnosnih programa preko torrenta naprosto zaboravi.

[Ovu poruku je menjao Vodomar dana 06.08.2011. u 23:34 GMT+1]
[ Goran Mijailovic @ 06.08.2011. 22:03 ] @
Citat:
hejejj: i sta bi to trebalo da znaci? :-)


pa nista, cudno mi je da jedan drajver ima tri imena :)
[ hejejj @ 06.08.2011. 22:10 ] @
hahaha pa ima i on nadimak :-)