nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Zpráva

Allucard · #1 Příspěvek od **Allucard** » 17 lis 2011 17:25

Dobrý den, prosím o radu,
stáhl jsem údajné olvadače pro N-vidia a evidntě jsem stáhl vir (podle toho, co jsem na netu zatím vyčetl)
Přiznávám se, že s odrstraňováním virů nemám zkušenosti a ani se nejedná o mé pc (ale pc rodičů) takže jak to na tomto pc funguje nemám už vůbec tušení.
Microsoft Essencial ani Kaspersky zatim nic nezmohli (stále nelze bez problémů vypnout pořítač, nelze používat skype (ten sem instaloval taky teď, takže teoreticky může být problémem i on))
prosím o radu. Děkuji mnohokrát.

#2 Příspěvek od **Rudy** » 17 lis 2011 17:35

1. Odkud jste ovladač stahoval?
2. Dejte log z RSIT: http://www.viry.cz/forum/viewtopic.php?f=13&t=105895 .

Allucard · #3 Příspěvek od **Allucard** » 17 lis 2011 17:38

Děkuji za reakci.
Ovladač se stáhl s aktualizací Systému. Doporučené aktualizace ovladače N-vidia.

#4 Příspěvek od **Rudy** » 17 lis 2011 17:41

S aktualizací systému jste si nemohl stáhnout vir. To není z principu možné. Ještě bych prosil ten log.

Allucard · #5 Příspěvek od **Allucard** » 17 lis 2011 17:41

Logfile of random's system information tool 1.09 (written by random/random)
Run by Eliasek at 2011-11-17 17:39:51
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 439 GB (92%) free of 477 GB
Total RAM: 2047 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 17:40:16, on 17.11.2011
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Opera\opera.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Eliasek\Desktop\RSIT.exe
C:\Program Files\trend micro\Eliasek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-1295838009-3211754218-2017530426-1005\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
O4 - HKUS\S-1-5-21-1295838009-3211754218-2017530426-1005\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~3\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe

--
End of file - 5568 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1295838009-3211754218-2017530426-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1295838009-3211754218-2017530426-1003UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1295838009-3211754218-2017530426-1004Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1295838009-3211754218-2017530426-1004UA.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15 62376]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
IEVkbdBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll [2011-04-24 86416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~3\Office14\URLREDIR.DLL [2010-12-21 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E33CF602-D945-461A-83F0-819F76A199F8}]
FilterBHO Class - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll [2011-04-24 229776]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"=C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2010-03-13 91520]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 10.0\Reader\Reader_sl.exe [2010-11-15 35736]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-11-15 932288]
"AVP"=C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-04-24 202296]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1174016]

C:\Users\Eliasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2010.lnk - C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\klogon]
C:\Windows\system32\klogon.dll [2011-04-24 229776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office14\GROOVEEX.DLL [2011-06-12 4221328]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=lvcodec2.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2011-11-17 17:39:53 ----D---- C:\Program Files\trend micro
2011-11-17 17:39:51 ----D---- C:\rsit
2011-11-17 16:51:12 ----A---- C:\Windows\system32\drivers\klin.dat
2011-11-17 16:51:12 ----A---- C:\Windows\system32\drivers\klick.dat
2011-11-17 16:49:57 ----D---- C:\ProgramData\Kaspersky Lab
2011-11-17 16:49:57 ----D---- C:\Program Files\Kaspersky Lab
2011-11-17 16:49:50 ----A---- C:\Windows\system32\drivers\klif.sys
2011-11-17 16:48:43 ----SHD---- C:\Config.Msi
2011-11-17 11:22:55 ----D---- C:\ProgramData\NVIDIA
2011-11-17 11:22:45 ----A---- C:\Windows\system32\nvvsvc.exe
2011-11-17 11:22:45 ----A---- C:\Windows\system32\nvsvcr.dll
2011-11-17 11:22:45 ----A---- C:\Windows\system32\nvsvc.dll
2011-11-17 11:22:45 ----A---- C:\Windows\system32\nvshext.dll
2011-11-17 11:22:45 ----A---- C:\Windows\system32\nvmctray.dll
2011-11-17 11:22:45 ----A---- C:\Windows\system32\nvcpl.dll
2011-11-17 11:22:43 ----A---- C:\Windows\system32\easyupdatusapiu.dll
2011-11-17 11:21:48 ----D---- C:\ProgramData\NVIDIA Corporation
2011-11-17 11:21:43 ----D---- C:\Program Files\NVIDIA Corporation
2011-11-17 10:32:48 ----A---- C:\Windows\system32\shell32.dll
2011-11-17 10:10:58 ----D---- C:\ProgramData\Skype
2011-11-16 23:34:25 ----D---- C:\Users\Eliasek\AppData\Roaming\Skype
2011-11-10 09:58:48 ----A---- C:\Windows\system32\drivers\tcpip.sys
2011-11-10 09:57:49 ----A---- C:\Windows\system32\win32k.sys

======List of files/folders modified in the last 1 month======

2011-11-17 17:40:04 ----D---- C:\Windows\Temp
2011-11-17 17:39:53 ----RD---- C:\Program Files
2011-11-17 17:15:58 ----D---- C:\Windows\system32\config
2011-11-17 17:05:15 ----D---- C:\Windows\system32\drivers
2011-11-17 16:52:57 ----SHD---- C:\System Volume Information
2011-11-17 16:51:17 ----SHD---- C:\Windows\Installer
2011-11-17 16:50:53 ----D---- C:\Windows\winsxs
2011-11-17 16:50:45 ----D---- C:\Windows\system32\catroot
2011-11-17 16:50:36 ----D---- C:\Windows\inf
2011-11-17 16:50:35 ----D---- C:\Windows\system32\DriverStore
2011-11-17 16:50:06 ----D---- C:\Windows\System32
2011-11-17 16:49:57 ----HD---- C:\ProgramData
2011-11-17 16:22:22 ----D---- C:\Windows\system32\Tasks
2011-11-17 16:10:09 ----A---- C:\Windows\system32\PerfStringBackup.INI
2011-11-17 11:41:25 ----D---- C:\Windows\Microsoft.NET
2011-11-17 11:41:13 ----RSD---- C:\Windows\assembly
2011-11-17 11:35:36 ----D---- C:\Windows
2011-11-17 11:22:59 ----RD---- C:\Users
2011-11-17 11:22:54 ----D---- C:\Windows\Prefetch
2011-11-17 11:22:42 ----D---- C:\Windows\Help
2011-11-17 11:20:41 ----D---- C:\ProgramData\Microsoft Help
2011-11-17 11:17:46 ----D---- C:\Program Files\Common Files\System
2011-11-17 11:17:46 ----A---- C:\Windows\win.ini
2011-11-17 10:06:03 ----D---- C:\Program Files\Opera
2011-11-17 10:05:51 ----D---- C:\Windows\SoftwareDistribution
2011-11-17 10:05:43 ----D---- C:\Windows\debug
2011-11-17 10:05:11 ----D---- C:\Program Files\Common Files
2011-11-17 00:12:25 ----D---- C:\Windows\Logs
2011-11-16 23:25:12 ----D---- C:\Windows\Tasks
2011-11-14 01:27:01 ----D---- C:\Windows\system32\catroot2
2011-11-10 11:14:18 ----A---- C:\Windows\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 KL1;kl1; C:\Windows\system32\DRIVERS\kl1.sys [2011-03-04 133208]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 kl2;kl2; C:\Windows\system32\DRIVERS\kl2.sys [2011-03-04 11352]
R1 KLIF;Kaspersky Lab Driver; C:\Windows\system32\DRIVERS\klif.sys [2011-11-17 570160]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter; C:\Windows\system32\DRIVERS\klim6.sys [2011-03-10 23856]
R3 L1E;NDIS Miniport Driver for Atheros AR8121/AR8113/AR8114 PCI-E Ethernet Controller(NDIS6.20); C:\Windows\system32\DRIVERS\L1E62x86.sys [2009-07-13 47104]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\DRIVERS\LVUSBSta.sys [2008-07-26 41752]
R3 LVUVC;Logitech QuickCam S5500(UVC); C:\Windows\system32\DRIVERS\lvuvc.sys [2008-07-26 4658584]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
S1 MpKsl052d4de8;MpKsl052d4de8; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C60E60BF-47E3-4941-9306-562DD400C35E}\MpKsl052d4de8.sys []
S1 MpKsl4c479ec1;MpKsl4c479ec1; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{AD93104A-6A52-418B-94D9-6865A2478D85}\MpKsl4c479ec1.sys []
S1 MpKsl54cfe353;MpKsl54cfe353; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E14125F4-0C41-445A-A495-6A53D0908734}\MpKsl54cfe353.sys []
S1 MpKsl6dc46b27;MpKsl6dc46b27; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C60E60BF-47E3-4941-9306-562DD400C35E}\MpKsl6dc46b27.sys []
S1 MpKslf69c9c75;MpKslf69c9c75; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{7A427264-DEC9-4783-8FD0-350F24804897}\MpKslf69c9c75.sys []
S1 MpKslfb5e6894;MpKslfb5e6894; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B3BF5EF8-7949-4560-A095-967036DCA8B0}\MpKslfb5e6894.sys []
S1 MpKslfe6ff1a9;MpKslfe6ff1a9; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E7D582D7-EF6B-47EF-AC36-13E634410B74}\MpKslfe6ff1a9.sys []
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 klmouflt;Kaspersky Lab KLMOUFLT; C:\Windows\system32\DRIVERS\klmouflt.sys [2009-11-02 19984]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2009-07-14 35840]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AVP;Kaspersky Anti-Virus Service; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-04-24 202296]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2011-05-21 615528]
R2 nvUpdatusService;NVIDIA Update Service Daemon; C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-05-21 2214504]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2011-05-30 1343400]

-----------------EOF-----------------

Allucard · #6 Příspěvek od **Allucard** » 17 lis 2011 17:44

Velice děkuji za pomoc, jsem tak trochu zoufalý, není to můj počítač..

#7 Příspěvek od **Rudy** » 17 lis 2011 18:01

Log vypadá čistý. Odinstalujte MSSE (na jednom systému nemohou být 2 antiviry, docházelo by k sw kolizím). Pak proveďte AV sken Kasperským a výsledek oznamte.

Allucard · #8 Příspěvek od **Allucard** » 17 lis 2011 18:03

V současné době mám jen Kasperskyho, Microsoft Essencial sem odinstaloval před instalaci Kasperskyho. Ten teď skenuje. za chvilku bude snad po všem. Výsledek pošlu hned.

Allucard · #9 Příspěvek od **Allucard** » 17 lis 2011 18:12

no, je mi to trapné, ale nevím jak z kasperskyho vytáhnout rozumnej log....

který bych sem mohl hodit, něco našel, a vypadá to, že problém s videem byl odstraněn, ale chci se ujistit, že jsem udělal maximum a nic nepřehlédl... Děkuji velice a omlouvám se za svoji neschopnost..

Allucard · #10 Příspěvek od **Allucard** » 17 lis 2011 18:13

respektive stále je v pohotovosti a hlásí problém (červená obrazovka s křížem, tak asi něco není stále v pořádku..)

Allucard · #11 Příspěvek od **Allucard** » 17 lis 2011 18:14

Type: undefined (1)
Type: Trojan program (3)
Packed.Win32.Krap.ah Deleted 17.11.2011 18:14:36
Trojan.VBS.TudaSuda.c Deleted 17.11.2011 18:14:32
Exploit.Win32.Nuker.Cyrus.b Deleted 17.11.2011 17:44:15

#12 Příspěvek od **Rudy** » 17 lis 2011 18:27

Řekl bych, že to je nějaká falešná detekce. Kdyby tam ten soubor byl, mohl byste ho otestovat na www.virustotal.com . Nevěřím tomu, že by byl virus v oficiální aktualizaci. Soubor byl ale smazán. Pro jistotu udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

starboy · #13 Příspěvek od **starboy** » 24 črc 2012 18:44

Dobrý den v Procesech mám tento soubor a mám tu navíc ještě jeden csrss.exe Prosím o pomoct

#14 Příspěvek od **Rudy** » 24 črc 2012 19:27

2starboy: Založte si, prosím, vlastní topic. Děkujeme. Tady zamykám.

VIRY.CZ

nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)

Re: nvvsvc.exe (ovladače N-vidia) vir (a nebo skype)