nvidiapanel.exe

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Ne znam da li je ovo za ambulantu, pa se izvinjavam ako nije premestite.
Resio sam da pravim samp server i skidao sam neke modove, i odjednom poceo komp strasno da mi baguje cpu usage 100% ceo dan mi je tako i pogledam na task manageru i vidim sledece:




Ima ih 4 zato sto sam ja obrisao oko 60, stalno se stvaraju a kad odem na file location otvori mi ovo




Probam da obrisem ne moze dok ne pogasim dok radi proces ugasim procese ali se oni stvaraju stalno pa nmg da obrisem, nekako stignem da pogasim procese i stisnem delete ono se obrise i ponovo stvori, molim vas ako neko zna o cemu se radi da mi pomogne

Hvala

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uploaduj taj nvidiapanel fajl na Virustotal, pa postavi link skeniranja ovde, da vidimo da li je maliciozan...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

[Link mogu videti samo ulogovani korisnici]
Eto

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Isprati uputstvo i dostavi izvestaje --> [Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

Napisano: 01 Sep 2013 21:08

Ispoljava se tako sto se stvaraju procesu u task menadzeru i cpu usage je stalno 100%
Poceo je oko 16h od prilike ne znam tacno
Ne koristim zastitni softver samo mi usporava komp.
Pokusao sam obrisati taj program ali se on ponovo stvori i sad brisem procese i pisem ovo u isto vreme
SBB net, a brzinu ne znam tacno
Stanje na racunaru ocajno cpu usage konstanto 100%

Onaj dds je stao i nece dalje ne znam zasto, sacekacu mozda nastavi...

Dopuna: 01 Sep 2013 21:13

[Link mogu videti samo ulogovani korisnici]


[Link mogu videti samo ulogovani korisnici]


DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.16576 BrowserJavaVersion: 10.25.2
Run by User at 21:07:46 on 2013-09-01
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.2047.682 [GMT 2:00]
.
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Users\User\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
C:\Windows\SysWOW64\srvany.exe
C:\Windows\system32\Dwm.exe
C:\Windows\KMService.exe
C:\Windows\Explorer.EXE
C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler64.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
C:\Users\User\AppData\Local\Skillbrains\lightshot\4.3.0.0\LightShot.exe
C:\Documents and Settings\User\Application Data\explorer.exe
C:\Documents and Settings\User\Local Settings\Application Data\lsass.exe
C:\Documents and Settings\User\Application Data\explorer.exe
C:\Documents and Settings\User\Local Settings\Application Data\lsass.exe
C:\Windows\SysWOW64\nlssrv32.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\win32.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\SysWOW64\explorer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Users\User\AppData\Local\Temp\winwltxcy.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\explorer.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\User\AppData\Local\Temp\nsfE783.tmp\PEV.DAT
C:\Windows\VideoUpdater\nvidiapanel.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\VideoUpdater\nvidiapanel.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\VideoUpdater\nvidiapanel.exe
C:\Windows\VideoUpdater\nvidiapanel.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\VideoUpdater\nvidiapanel.exe
C:\Windows\VideoUpdater\nvidiapanel.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\VideoUpdater\nvidiapanel.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = [Link mogu videti samo ulogovani korisnici]
uSearch Bar = [Link mogu videti samo ulogovani korisnici]
uSearch Page = [Link mogu videti samo ulogovani korisnici]
uDefault_Search_URL = [Link mogu videti samo ulogovani korisnici]
mSearch Bar = [Link mogu videti samo ulogovani korisnici]
mSearch Page = [Link mogu videti samo ulogovani korisnici]
mDefault_Search_URL = [Link mogu videti samo ulogovani korisnici]
uURLSearchHooks: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - <orphaned>
uURLSearchHooks: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} -
uURLSearchHooks: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - <orphaned>
uURLSearchHooks: DivX Browser Bar Toolbar: {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar\prxtbDiv0.dll
mURLSearchHooks: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} -
mURLSearchHooks: DivX Browser Bar Toolbar: {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar\prxtbDiv0.dll
uWinlogon: Shell = C:\Users\User\AppData\Roaming\VideoUpdaterCodecses\videocodecs.exe,explorer.exe
mWinlogon: Userinit = userinit.exe
BHO: Claro LTD Helper Object: {000F18F2-09EB-4A59-82B2-5AE4184C39C3} -
BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} -
BHO: SearcH-yNeewTaba: {45183830-642D-143F-D784-080D15F643D2} - C:\ProgramData\SearcH-yNeewTaba\513e15a167625.dll
BHO: TBSB01620 Class: {58124A0B-DC32-4180-9BFF-E0E21AE34026} -
BHO: Search-NeuWWTab: {6CC3F6DC-6206-B53B-4553-C812EAD34A37} - C:\ProgramData\Search-NeuWWTab\517049fb08453.dll
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: DivX Browser Bar Toolbar: {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar\prxtbDiv0.dll
BHO: DefaultTab Browser Helper: {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\User\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} -
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: BrowSee2Save: {C7526C0F-D3AE-BE9B-445A-BE0EBE11E440} - C:\ProgramData\BrowSee2Save\513b566d1500f.dll
BHO: Browse2save: {CF8CDB88-A890-7E54-2298-F68CF42EEF24} - C:\ProgramData\Browse2save\50f167c7a2352.dll
BHO: Browwse2siAvee: {D43359F2-0E51-99A8-A776-F5F0B84D4BCF} - C:\ProgramData\Browwse2siAvee\517049ee9b3cf.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SeaRchh-uNeewTTab: {E1B49059-B341-9D01-7347-2DCD67314D29} - C:\ProgramData\SeaRchh-uNeewTTab\513b569604b5e.dll
BHO: DownTango Launcher: {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\User\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll
BHO: Softonic Helper Object: {E87806B5-E908-45FD-AF5E-957D83E58E68} -
BHO: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} -
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: Softonic Toolbar: {5018CFD2-804D-4C99-9F81-25EAEA2769DE} -
TB: IMinent Toolbar: {977AE9CC-AF83-45E8-9E03-E2798216E2D5} -
TB: FreeOnlineRadioPlayerRecorder Toolbar: {f999a48b-1950-4d81-9971-79018f807b4b} -
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} -
TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} -
TB: DownTango Launcher: {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\User\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll
TB: Claro LTD Toolbar: {9E131A93-EED7-4BEB-B015-A0ADB30B5646} -
TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
TB: DivX Browser Bar Toolbar: {77e8143b-6759-416e-b521-82cfed75150b} - C:\Program Files (x86)\DivX_Browser_Bar\prxtbDiv0.dll
uRun: [AdobeBridge] <no file>
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [win32] "C:\kernels\drivers.vbs"
dRun: [SearchProtect] \SearchProtect\bin\cltmng.exe
StartupFolder: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\windows.pif
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empty.pif
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Download with Xilisoft Download YouTube Video - D:\?????\????????\Yt\Download YouTube Video\upod_link.HTM
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2d8ee268-8d7a-4996-b80b-8999ce8c7fe2} - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6}
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - [Link mogu videti samo ulogovani korisnici]
TCP: NameServer = 89.216.1.30 89.216.1.50
TCP: Interfaces\{b5734d9b-b213-4f56-a0dd-44d887a229ac} : DHCPNameServer = 89.216.1.30 89.216.1.50
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\29.0.1547.62\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: <No Name>: {ae07101b-46d4-4a98-af68-0333ea26e113} - LocalServer32 - <no file>
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [Nvtmru] "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
Hosts: 198.167.139.193 [Link mogu videti samo ulogovani korisnici]
Hosts: 198.167.139.193 [Link mogu videti samo ulogovani korisnici]
Hosts: 198.167.139.193 [Link mogu videti samo ulogovani korisnici]
Hosts: 198.167.139.193 [Link mogu videti samo ulogovani korisnici]
Hosts: 198.167.139.193 [Link mogu videti samo ulogovani korisnici]
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\sz6idpkb.default\
FF - prefs.js: browser.startup.homepage - [Link mogu videti samo ulogovani korisnici]
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\13.2.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
FF - plugin: C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll
FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll
FF - plugin: C:\Windows\SysWOW64\npmproxy.dll
FF - ExtSQL: 2013-07-22 08:27; {82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}; C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
.
============= SERVICES / DRIVERS ===============
.
.
=============== File Associations ===============
.
FileExt: .js: jsfile="D:\KRON\Programi\Adobe\DreamVeawer\Adobe Dreamweaver CS6\Dreamweaver.exe","%1"
ShellExec: Opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2013-09-01 18:42:40 -------- d-----w- C:\Windows\VideoUpdater
2013-09-01 18:02:20 -------- d-----w- C:\Users\User\AppData\Roaming\VideoUpdater
2013-09-01 17:59:44 -------- d-----w- C:\Users\User\AppData\Roaming\VideoUpdaterCodecses
2013-09-01 17:45:21 1519616 ----a-w- C:\Windows\System32\libmysql.dll
2013-08-31 15:36:56 749568 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll
2013-08-31 15:36:56 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll
2013-08-31 15:36:56 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe
2013-08-31 15:36:56 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll
2013-08-31 15:36:56 180224 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll
2013-08-31 15:36:53 323716 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll
2013-08-31 15:36:53 192644 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll
2013-08-31 13:01:30 103140 --sh--r- C:\hbodk.exe
2013-08-30 17:12:14 -------- d-----w- C:\Program Files (x86)\MTA San Andreas 1.3
2013-08-30 15:02:29 -------- d---a-w- C:\ProgramData\MTA San Andreas All
2013-08-30 06:09:13 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A6599364-0E83-48E2-A1EA-6A079D8218BA}\offreg.dll
2013-08-27 11:02:16 -------- d-----w- C:\Users\User\VirtualBox VMs
2013-08-27 11:01:52 -------- d-----w- C:\Users\User\.VirtualBox
2013-08-27 11:00:05 238352 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys
2013-08-27 10:59:36 120080 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys
2013-08-23 18:11:20 -------- d-----w- C:\Users\User\AppData\Roaming\FileAssociationManager
2013-08-16 09:12:51 43520 ----a-w- C:\Windows\SysWow64\CmdLineExt03.dll
2013-08-15 10:41:49 -------- d-----w- C:\Users\User\AppData\Roaming\Nico Mak Computing
2013-08-15 10:41:47 18760 ----a-w- C:\Windows\System32\roboot64.exe
2013-08-15 10:41:45 -------- d-----w- C:\Program Files (x86)\WinZip Registry Optimizer
2013-08-14 09:11:04 4774272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-08-14 09:11:04 4774272 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2013-08-06 11:23:34 -------- d-----w- C:\Users\User\AppData\Roaming\TagScanner
2013-08-06 11:23:30 -------- d-----w- C:\Program Files (x86)\TagScanner
2013-08-06 10:29:38 -------- d-----w- C:\Users\User\AppData\Roaming\Aura4You
2013-08-06 10:26:34 -------- d-----w- C:\Program Files (x86)\Aura4You
2013-08-05 17:54:34 161792 ----a-w- C:\.exe
2013-08-05 12:05:29 -------- d-----w- C:\Users\User\AppData\Local\Temporary Projects
2013-08-05 11:54:03 -------- d-----w- C:\Users\User\AppData\Local\lazarus
2013-08-05 11:53:49 1849344 ----a-w- C:\Windows\System32\Qt4Pas5.dll
2013-08-05 11:51:57 -------- d-----w- C:\lazarus
2013-08-03 09:38:10 -------- d-----w- C:\Program Files (x86)\Common Files\Macrovision Shared
.
==================== Find3M ====================
.
2013-08-20 21:02:24 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2013-08-20 21:02:24 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2013-07-28 13:12:31 99384 ----a-w- C:\Users\User\AppData\Roaming\inst.exe
2013-07-28 13:12:31 82816 ----a-w- C:\Users\User\AppData\Roaming\pcouffin.sys
2013-07-21 16:12:22 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2013-07-21 16:12:21 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll
2013-07-21 16:12:21 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll
2013-07-04 13:57:00 131856 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys
2013-06-21 10:23:16 6496544 ----a-w- C:\Windows\System32\nvcpl.dll
2013-06-21 10:23:16 3514656 ----a-w- C:\Windows\System32\nvsvc64.dll
2013-06-21 10:23:11 884512 ----a-w- C:\Windows\System32\nvvsvc.exe
2013-06-21 10:23:10 63776 ----a-w- C:\Windows\System32\nvshext.dll
2013-06-21 10:23:10 237856 ----a-w- C:\Windows\System32\nvmctray.dll
2013-06-21 03:16:02 566048 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
.
============= FINISH: 21:09:48,28 ===============

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Korak 1.

Preuzmi "Xplode"-ov AdwCleaner () i sacuvaj ga na Desktop

Dvoklikom pokreni program.
Klikni na dugme [Scan] i pricekaj da program zavrsi.
Klikni na dugme [Clean]
Program ce zatvoriti sve aktivne programe i izbaciti prozor sa tim upozorenjem. Klikni Ok kao potvrdu.
Na sledeca dva prozora koja se otvore (Informations i Restart required ) klikni Ok

Racunar ce se restartovati a potom otvoriti notepad (C:\AdwCleaner[S1].txt) sa izvestajem.
Sacuvaj taj notepad na Desktop i okaci ga uz poruku koristeci opciju "Prikaci fajl"
Napomena: Izvestaj ce takodje biti sacuvan na C:\AdwCleaner[S1].txt



Korak 2.

Preuzmi program GMER sa donjeg linka na Desktop:


GMER download
Klikni dati link;
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.


Dvoklikom pokrenite GMER.
Sačekaj da se završi uvodno skeniranje - ukoliko se pojavi bilo kakav upit, klikni No;

klikni Scan i sačekaj da skeniranje bude završeno;

klikni Save ... - izveštaj sačuvaj na Desktop (pod nazivom Gmer1);

klikni desnim tasterom u prozor programa Gmer i odaberi Options > 3rd party - klikni Scan;

po završetku skeniranja klikni Save ... - izveštaj sačuvaj na Desktop (pod nazivom Gmer2);

klikni taster >>> i odaberi Autostart karticu;

po završetku kratkotrajnog skeniranja, klikni Copy;

otvori Notepad i u njega postavi kopirani tekst - izveštaj sačuvaj na Desktop (pod nazivom Gmer3);

Slikoviti prikaz postupka

Priloži sva tri izveštaja uz poruku korišćenjem opcije Prikači fajl.

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Posto ovaj AdwCleaner stao negde pred kraj i nije hteo da skenira dalje, morao sam da prekinem, i ugasio sam komp nije vise mogao ni folder da otvara, pa sam ujutru ukljucio komp. Skinuo Avira Antivirus skenirao i obrisao neke viruse, mada medju njima nije bilo onog sto sam pominjao. Kako god komp radi bolje sve je brze, iako je i dalje cpu usage 100%...

@TwinHeadedEagle Hvala na pomoci

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Na racunaru imas dosta smece i virusa, pa ako zelis da nastavimo ti isprati uputstvo sto sam dao za GMER i Adwcleaner...

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Uloguj se preko Facebooka da bi skinuo fajl:

-AdwCleaner-

[Link mogu videti samo ulogovani korisnici]

-Gmer1-

[Link mogu videti samo ulogovani korisnici]

-Gmer2-

[Link mogu videti samo ulogovani korisnici]

-Gmer3-

[Link mogu videti samo ulogovani korisnici]

• 0Niko još nije pohvalio poruku.
  Registruj se da bi pohvalio/la poruku!

Preuzmi sUBs-ov ComboFix sa sledeće adrese na Desktop:


Bleeping Computer
Klikni desnim tasterom na link i odaberi opciju Save Target As... (Save Link As..., Save Linked Content As... ili sličnu);
Kada se otvori dijalog za izbor lokacije na kojoj treba sačuvati file, odaberi Desktop i klikni Save.



Kada preuzimanje programa bude završeno:
deaktiviraj zaštitni softver (uputstvo);
zatvori pokrenute programe;
dvoklikom pokreni program ComboFix;
u prozoru koji se otvori klikni "I Agree".
U toku rada, ComboFix će:proveriti postoji li novija verzija programa:
klikni Yes ako bude ponuđeno preuzimanje iste.ako Recovery Console nije instalirana, ponuditi instalaciju:
obavezno prihvati klikom na Yes i isprati postupak.postaviti/dati određeni broj upita/obaveštenja:
prihvati klikom na Yes ili OK.po potrebi, restartovati Windows (više puta);
na kraju rada, otvoriti Notepad sa izveštajem o skeniranju.

Iskopiraj izveštaj koji je ComboFix napravio u temu na forumu:
klikni desnim tasterom miša u prozor Notepad-a i izaberi Select All;
klikni desnim tasterom miša na obeleženi tekst i izaberi Copy;
klikni desnim tasterom miša u polje za pisanje poruke i izaberi Paste.


Napomena:Izveštaj će biti sačuvan pod nazivom ComboFix.txt na sistemskoj particiji (tipična lokacija: C:\ComboFix.txt);
Ukoliko nakon slanja poruke primetiš da izveštaj nije kompletan, iskoristi opciju Prikači fajl za prilaganje file-a C:\ComboFix.txt uz poruku;
Nemoj kliktati u okviru ComboFix prozora dok radi jer to može usporiti rad alata;
Nemoj ponovo pokretati ComboFix na svoju ruku - javi se u temi bilo kakav problem da imaš tokom prvog pokretanja alata;
Ako nakon restarta dobijaš grešku prilikom startovanja pojedinih programa da su označeni za brisanje (Illegal operation attempted on a registry key that has been marked for deletion), onda ponovo restartuj sistem i to ce rešiti problem.