CPU load at 100% when I connect to the internet

offline
  • Joined: 05 Jul 2005
  • Posts: 201

I have a problem with my internet connection (ADSL, Telekom, 100 Mbps). I noticed that the browser's start page (Google) loads with difficulty and that browsing afterwards is very sluggish. In Task Manager I noticed that my CPU is at 100% load the whole time I am on the internet. This goes on until I disconnect from the internet completely (disable). Every time I connect, it pushes the CPU to 100%. By the way, I use Google Chrome.










Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:04-05-2014
Ran by dejan (administrator) on DEJAN-1613B67D4 on 05-05-2014 11:57:37
Running from F:\Programi\Internet
Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

() C:\Program Files\Unlocker\UnlockerAssistant.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgui.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jusched.exe
() C:\Program Files\LClock\LClock.exe
() C:\Program Files\RocketDock\RocketDock.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2013\avgwdsvc.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
() C:\Program Files\PCDApp\dgen.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [15872 2008-03-01] ()
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2013\avgui.exe [4411952 2014-01-21] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Java\jre6\bin\jusched.exe [148888 2014-04-01] (Sun Microsystems, Inc.)
Winlogon\Notify\AtiExtEvent: C:\WINDOWS\system32\Ati2evxx.dll (ATI Technologies Inc.)
HKU\.DEFAULT\...\Run: [True Transparency] => "C:\Program Files\Utilities\True Transparency\TrueTransparency.exe"
HKU\.DEFAULT\...\Run: [LClock] => C:\Program Files\LClock\LClock.exe [65536 2004-09-19] ()
HKU\.DEFAULT\...\RunOnce: [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\.DEFAULT\...\RunOnce: [ShowDeskFix] - regsvr32 /s /n /i:u shell32
HKU\.DEFAULT\...\RunOnce: [WUAppSetup] - C:\Program Files\Common Files\logishrd\WUApp32.exe [466648 2012-09-21] ()
HKU\.DEFAULT\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-20\...\Run: [True Transparency] => "C:\Program Files\Utilities\True Transparency\TrueTransparency.exe"
HKU\S-1-5-20\...\Run: [LClock] => C:\Program Files\LClock\LClock.exe [65536 2004-09-19] ()
HKU\S-1-5-20\...\RunOnce: [nltide_3] - rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
HKU\S-1-5-20\...\RunOnce: [ShowDeskFix] - regsvr32 /s /n /i:u shell32
HKU\S-1-5-20\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-1214440339-2000478354-1177238915-1004\...\Run: [LClock] => C:\Program Files\LClock\lclock.exe [65536 2004-09-19] ()
HKU\S-1-5-21-1214440339-2000478354-1177238915-1004\...\Run: [RocketDock] => C:\Program Files\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-1214440339-2000478354-1177238915-1004\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [1305408 2011-01-05] (DT Soft Ltd)
HKU\S-1-5-21-1214440339-2000478354-1177238915-1004\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Ohridski prolog.lnk
ShortcutTarget: Ohridski prolog.lnk -> C:\Program Files\Ohridski prolog\Ohridski prolog.jar ()
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Settings Manager\systemk\sysapcrt.dll
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.rs/
SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E85C000C61000000&affID=128403&tsp=5207
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
BHO: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0

FireFox:
========
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Documents and Settings\dejan\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

Chrome:
=======
CHR HomePage: hxxp://www.google.rs/
CHR StartupUrls: "hxxp://www.google.rs/"
CHR Extension: (Google документи) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-03]
CHR Extension: (Google диск) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-03]
CHR Extension: (YouTube) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-03]
CHR Extension: (Google претрага) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-03]
CHR Extension: (Google новчаник) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-03]
CHR Extension: (Gmail) - C:\Documents and Settings\dejan\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-03]

========================== Services (Whitelisted) =================

S4 ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [516096 2005-08-30] ()
S2 avgfws; C:\Program Files\AVG\AVG2013\avgfws.exe [1432080 2013-10-23] (AVG Technologies CZ, s.r.o.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2013\avgidsagent.exe [4939312 2013-07-04] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2013\avgwdsvc.exe [283136 2013-11-20] (AVG Technologies CZ, s.r.o.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2014-04-01] (Sun Microsystems, Inc.)
S4 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97007 2014-04-10] ()
S4 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S4 VCDSecS; C:\Program Files\Virtual CD v4\System\vcdsecs.exe [40960 2002-09-16] (H+H Software GmbH)

==================== Drivers (Whitelisted) ====================

R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-12] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [208184 2013-11-25] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [60216 2013-07-20] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22328 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [171320 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [246072 2013-07-20] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [96568 2013-07-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [39224 2013-10-23] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [182072 2014-04-15] (AVG Technologies CZ, s.r.o.)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Corporation)
R3 cmpci; C:\WINDOWS\System32\drivers\cmaudio.sys [377358 2002-11-18] (C-Media Inc)
R1 dtsoftbus01; C:\WINDOWS\System32\DRIVERS\dtsoftbus01.sys [218176 2014-04-25] (DT Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [8704 2009-04-22] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [3072 2009-04-22] ()
R3 FETNDIS; C:\WINDOWS\System32\DRIVERS\fetnd5.sys [27165 2001-08-17] (VIA Technologies, Inc. )
R3 gameenum; C:\WINDOWS\System32\DRIVERS\gameenum.sys [10624 2008-04-14] (Microsoft Corporation)
S3 hidgame; C:\WINDOWS\System32\DRIVERS\hidgame.sys [8576 2001-08-17] (Microsoft Corporation)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Corporation)
R1 prodrv06; C:\WINDOWS\System32\drivers\prodrv06.sys [79232 2004-07-06] (Protection Technology)
R0 prohlp02; C:\WINDOWS\System32\drivers\prohlp02.sys [72896 2004-07-06] (Protection Technology)
R0 prosync1; C:\WINDOWS\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology)
R0 sfhlp01; C:\WINDOWS\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology)
R0 si3114r5; C:\WINDOWS\System32\DRIVERS\Si3114r5.sys [209200 2007-02-07] (Silicon Image, Inc)
R0 SiFilter; C:\WINDOWS\System32\DRIVERS\SiWinAcc.sys [10368 2004-11-01] (Silicon Image, Inc.)
R0 SiRemFil; C:\WINDOWS\System32\DRIVERS\SiRemFil.sys [5504 2006-10-18] (Silicon Image, Inc.)
R1 vcdmpdrv; C:\WINDOWS\System32\DRIVERS\vcdmpdrv.sys [49296 2002-09-24] (H+H Software GmbH)
R0 viaagp1; C:\WINDOWS\System32\DRIVERS\viaagp1.sys [27904 2003-07-02] (VIA Technologies, Inc.)
R0 VIAMRAID; C:\WINDOWS\System32\DRIVERS\viamraid.sys [117248 2008-01-22] (VIA Technologies inc,.ltd)
R0 VIDEX32; C:\WINDOWS\system32\Drivers\VIDEX32.sys [9216 2008-04-27] (VIA Technologies, Inc.)
S4 IntelIde; No ImagePath
S3 SliceDisk5; \??\C:\DOCUME~1\dejan\LOCALS~1\Temp\FindAndMount\slicedisk.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2008-03-01] ()
U1 WS2IFSL;

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-05 11:57 - 2014-05-05 11:57 - 00000000 ____D () C:\FRST
2014-05-03 23:30 - 2014-05-03 23:30 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache
2014-05-03 23:29 - 2014-05-03 23:29 - 00000000 __SHD () C:\Documents and Settings\dejan\IETldCache
2014-05-03 23:14 - 2014-05-03 23:14 - 00000000 ____D () C:\Documents and Settings\dejan\Local Settings\Application Data\Gamut
2014-05-03 22:36 - 2014-05-03 22:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-05-03 22:35 - 2014-05-05 11:40 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-03 22:35 - 2014-05-05 10:25 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-03 22:05 - 2014-05-03 22:06 - 00000000 __HDC () C:\WINDOWS\ie8
2014-04-28 16:45 - 2014-04-28 16:51 - 00000000 ____D () C:\Documents and Settings\dejan\Start Menu\Programs\PANZERS - Phase1
2014-04-26 18:35 - 2014-04-26 18:35 - 00000839 _____ () C:\Documents and Settings\dejan\Start Menu\µTorrent.lnk
2014-04-26 18:35 - 2014-04-26 18:35 - 00000000 ____D () C:\Program Files\PCDApp
2014-04-26 16:49 - 2014-04-26 16:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-04-26 01:38 - 2014-04-26 01:38 - 00000047 _____ () C:\Documents and Settings\dejan\Application Data\mbam.context.scan
2014-04-26 00:45 - 2014-04-26 00:45 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-26 00:45 - 2014-04-26 00:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-04-25 17:59 - 2014-04-25 17:59 - 00218176 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-04-25 17:58 - 2014-04-25 17:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
2014-04-25 17:53 - 2014-04-25 17:59 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-04-25 17:53 - 2014-04-25 17:53 - 00000000 ____D () C:\Program Files\DAEMON Tools Toolbar
2014-04-24 09:16 - 2014-04-24 09:16 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\{f81354bd-35c4-79ee-d523-4685f81354bd}
2014-04-21 21:38 - 2014-04-21 21:38 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\.mono
2014-04-21 21:00 - 2014-04-21 21:08 - 00000511 _____ () C:\WINDOWS\system32\InTLub1.sys
2014-04-11 22:38 - 2014-04-23 20:59 - 00000000 ____D () C:\Program Files\Settings Manager
2014-04-11 22:38 - 2014-04-11 22:38 - 00000000 ____D () C:\Program Files\CPUID
2014-04-09 10:29 - 2014-04-09 10:29 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\TuneUp Software
2014-04-05 01:40 - 2014-04-05 01:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-05 01:40 - 2014-04-05 01:40 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\BabSolution

==================== One Month Modified Files and Folders =======

2014-05-05 11:57 - 2014-05-05 11:57 - 00000000 ____D () C:\FRST
2014-05-05 11:40 - 2014-05-03 22:35 - 00000918 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-05 11:18 - 2014-02-03 21:12 - 00000000 ____D () C:\Documents and Settings\dejan
2014-05-05 11:05 - 2014-02-10 12:00 - 00000998 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-2000478354-1177238915-1004UA.job
2014-05-05 11:05 - 2014-02-10 12:00 - 00000976 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-1214440339-2000478354-1177238915-1004Core.job
2014-05-05 10:34 - 2014-02-03 22:37 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\MFAData
2014-05-05 10:29 - 2014-02-03 21:50 - 00606292 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-05 10:25 - 2014-05-03 22:35 - 00000914 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-05 10:25 - 2014-02-03 21:52 - 00000159 ____N () C:\WINDOWS\wiadebug.log
2014-05-05 10:25 - 2014-02-03 21:52 - 00000048 ____N () C:\WINDOWS\wiaservc.log
2014-05-05 10:25 - 2014-02-03 21:12 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-05 09:08 - 2014-02-03 21:12 - 00032610 ____N () C:\WINDOWS\SchedLgU.Txt
2014-05-05 09:08 - 2014-02-03 21:12 - 00000278 ___SH () C:\Documents and Settings\dejan\ntuser.ini
2014-05-04 17:53 - 2014-02-03 21:12 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\uTorrent
2014-05-03 23:30 - 2014-05-03 23:30 - 00000000 __SHD () C:\Documents and Settings\NetworkService\IETldCache
2014-05-03 23:30 - 2014-02-03 21:11 - 00000000 __SHD () C:\Documents and Settings\NetworkService
2014-05-03 23:29 - 2014-05-03 23:29 - 00000000 __SHD () C:\Documents and Settings\dejan\IETldCache
2014-05-03 23:29 - 2014-02-03 21:44 - 00000000 ____D () C:\WINDOWS\Media
2014-05-03 23:29 - 2014-02-03 21:44 - 00000000 ____D () C:\WINDOWS\Help
2014-05-03 23:14 - 2014-05-03 23:14 - 00000000 ____D () C:\Documents and Settings\dejan\Local Settings\Application Data\Gamut
2014-05-03 22:37 - 2014-03-23 22:42 - 00000000 ____D () C:\Documents and Settings\dejan\Local Settings\Application Data\Google
2014-05-03 22:36 - 2014-05-03 22:36 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2014-05-03 22:36 - 2014-03-23 22:42 - 00000000 ____D () C:\Program Files\Google
2014-05-03 22:34 - 2001-08-23 14:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2014-05-03 22:06 - 2014-05-03 22:05 - 00000000 __HDC () C:\WINDOWS\ie8
2014-05-01 16:51 - 2014-02-04 22:45 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\Skype
2014-04-29 23:08 - 2014-02-04 16:34 - 00027648 _____ () C:\Documents and Settings\dejan\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-28 16:51 - 2014-04-28 16:45 - 00000000 ____D () C:\Documents and Settings\dejan\Start Menu\Programs\PANZERS - Phase1
2014-04-26 18:35 - 2014-04-26 18:35 - 00000839 _____ () C:\Documents and Settings\dejan\Start Menu\µTorrent.lnk
2014-04-26 18:35 - 2014-04-26 18:35 - 00000000 ____D () C:\Program Files\PCDApp
2014-04-26 18:29 - 2014-02-03 21:44 - 00000000 ____D () C:\WINDOWS\Resources
2014-04-26 16:49 - 2014-04-26 16:49 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\AVG
2014-04-26 01:38 - 2014-04-26 01:38 - 00000047 _____ () C:\Documents and Settings\dejan\Application Data\mbam.context.scan
2014-04-26 00:45 - 2014-04-26 00:45 - 00000000 ____D () C:\Program Files\7-Zip
2014-04-26 00:45 - 2014-04-26 00:45 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\7-Zip
2014-04-25 18:08 - 2014-02-04 22:00 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\DAEMON Tools Lite
2014-04-25 17:59 - 2014-04-25 17:59 - 00218176 _____ (DT Soft Ltd) C:\WINDOWS\system32\Drivers\dtsoftbus01.sys
2014-04-25 17:59 - 2014-04-25 17:53 - 00000000 ____D () C:\Program Files\DAEMON Tools Lite
2014-04-25 17:58 - 2014-04-25 17:58 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\DAEMON Tools Lite
2014-04-25 17:53 - 2014-04-25 17:53 - 00000000 ____D () C:\Program Files\DAEMON Tools Toolbar
2014-04-25 16:38 - 2014-02-03 21:47 - 00000232 ___SH () C:\boot.ini
2014-04-25 16:38 - 2001-08-23 14:00 - 00000917 _____ () C:\WINDOWS\win.ini
2014-04-25 16:38 - 2001-08-23 14:00 - 00000227 _____ () C:\WINDOWS\system.ini
2014-04-24 09:16 - 2014-04-24 09:16 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\{f81354bd-35c4-79ee-d523-4685f81354bd}
2014-04-23 20:59 - 2014-04-11 22:38 - 00000000 ____D () C:\Program Files\Settings Manager
2014-04-21 21:38 - 2014-04-21 21:38 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\.mono
2014-04-21 21:08 - 2014-04-21 21:00 - 00000511 _____ () C:\WINDOWS\system32\InTLub1.sys
2014-04-18 01:36 - 2014-02-03 22:41 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\AVG2013
2014-04-15 13:35 - 2013-03-21 04:08 - 00182072 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgtdix.sys
2014-04-11 22:38 - 2014-04-11 22:38 - 00000000 ____D () C:\Program Files\CPUID
2014-04-09 10:29 - 2014-04-09 10:29 - 00000000 ____D () C:\Documents and Settings\Default User\Application Data\TuneUp Software
2014-04-05 01:40 - 2014-04-05 01:40 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-04-05 01:40 - 2014-04-05 01:40 - 00000000 ____D () C:\Documents and Settings\dejan\Application Data\BabSolution

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe => MD5 is legit
C:\WINDOWS\system32\winlogon.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll => MD5 is legit
C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\volsnap.sys => MD5 is legit

==================== End Of Log ============================

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

1. Open Notepad (Text Document) and copy in the following text from the code box below:

Start
() C:\Program Files\PCDApp\dgen.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Settings Manager\systemk\sysapcrt.dll
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
C:\Program Files\Settings Manager\systemk\sysapcrt.dll
c:\program files\settings manager\systemk\x64\sysapcrt.dll
SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E85C000C61000000&affID=128403&tsp=5207
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97007 2014-04-10] ()
C:\Program Files\PCDApp\StartHelp.exe
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad => click File, then Save As, and in the new window, at the bottom under File Name:, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, because otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.

The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your post.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.







*************************







Download "Xplode"'s AdwCleaner and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and display a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.


The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your post using the "Prikaci fajl" (Attach file) option.

Note: The report will also be saved at C:\AdwCleaner[S0].txt

offline
  • Joined: 05 Jul 2005
  • Posts: 201

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:04-05-2014
Ran by dejan at 2014-05-05 13:03:35 Run:1
Running from F:\Programi\Internet
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
() C:\Program Files\PCDApp\dgen.exe
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Settings Manager\systemk\sysapcrt.dll
HKLM\...\AppCertDlls: [x64] -> c:\program files\settings manager\systemk\x64\sysapcrt.dll
C:\Program Files\Settings Manager\systemk\sysapcrt.dll
c:\program files\settings manager\systemk\x64\sysapcrt.dll
SearchScopes: HKCU - DefaultScope {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = http://www.buenosearch.com/?q={searchTerms}&babsrc=SP_ss&mntrId=E85C000C61000000&affID=128403&tsp=5207
SearchScopes: HKCU - {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = http://www.daemon-search.com/search?q={searchTerms}
Toolbar: HKLM - No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [97007 2014-04-10] ()
C:\Program Files\PCDApp\StartHelp.exe
End
*****************

C:\Program Files\PCDApp\dgen.exe => No running process found
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bitguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\bpsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserdefender.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browserprotect.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\browsersafeguard.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dprotectsvc.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\jumpflip => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\protectedsearch.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchinstaller.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotection.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchprotector.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\searchsettings64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\snapdo.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst32.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\stinst64.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\umbrella.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\utiljumpflip.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\volaro => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\vonteera => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroids.exe => Key deleted successfully.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\websteroidsservice.exe => Key deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x86 => Value deleted successfully.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => Value deleted successfully.
"C:\Program Files\Settings Manager\systemk\sysapcrt.dll" => File/Directory not found.
"c:\program files\settings manager\systemk\x64\sysapcrt.dll" => File/Directory not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value deleted successfully.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key deleted successfully.
HKCR\Wow6432Node\CLSID\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{32099AAC-C132-4136-9E9A-4E364A424E17} => Value deleted successfully.
HKCR\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17} => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{D4027C7F-154A-4066-A1AD-4243D8127440} => Value deleted successfully.
HKCR\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} => Key not found.
ProtectMonitor => Service deleted successfully.
C:\Program Files\PCDApp\StartHelp.exe => Moved successfully.

==== End of Fixlog ====




rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Run FRST again and click Scan.

Post the new log for me.

offline
  • Joined: 05 Jul 2005
  • Posts: 201

Brother Argus, now everything works normally!!

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

I know :)

Do these two more steps.


Download TFC (Temp File Cleaner) and save it to the Desktop.
Double-click to run the program and click the Start button to let the program begin scanning.
When the program finishes scanning, it may ask you to restart the computer. If that does not happen, restart it manually.

Note: When you have finished cleaning temp files, you can delete the program or keep it for later use.



****************




The following procedure will perform the final cleanup.

Download "Xplode"'s DelFix tool and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • Joined: 05 Jul 2005
  • Posts: 201

Thanks a lot, mate. Was it ''dgen.exe''?

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Yes, BitCoinMiner.
