Cpu 100%

  • Absolut Gut
  • Joined: 13 Aug 2012
  • Posts: 561
  • Lives in: Atakama

Posted: 20 Jul 2014 13:54

1. detailed description of the problem;
how the problem you are asking for help with manifests itself; - As a system slowdown and poor data processing.
when the problem started to appear; 2 days ago, when I tried to bring a USB flash drive back to life.
if the security software you use detects something but cannot remove it, write/copy the names of the detected files into the post; I scanned with Essentials (on a legal Win7) and it found nothing. I scanned with Malwarebytes; it found 259 infections, everything was moved to quarantine and then deleted, and the system was restarted.
how you tried to solve the problem; By scanning, deleting unnecessary applications, add-ons and toolbars, deleting unused registry entries, and cleaning with CCleaner and Spybot.
what kind of internet connection you have (type and speed); SBB 10mb/s
any additional information that could describe the state of your computer more closely. It slows down my system, and YouTube stutters a bit precisely because of that. I looked at the processes to see which one uses the most and could not find the threat. I am just afraid that my processor will die; that is what I fear most.
I must mention that everything is fine right now, but until now it was at 100%. The same thing happened yesterday: when I did everything, scanned and deleted, the CPU went back to normal, but today when I booted the system it was constantly at 100% again, and now it has dropped a bit; I just don't know how long it will stay that way.
P.S. I disabled all unnecessary startup programs in msconfig.
Image 1.01 (CPU, current) http://prntscr.com/44i6l4
Image 1.02 (Processes of all users) http://prntscr.com/44i6ru

2. posting the diagnostic report (log, logfile);
First (log report) - Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:20-07-2014
Ran by prle (administrator) on PRLE-PC on 20-07-2014 13:48:53
Running from C:\Users\prle\Downloads
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: engleski (SAD)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-t.....scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Pandora.TV) C:\Program Files\PANDORA.TV\PanService\KMPService.exe
(PandoraTV) C:\Program Files\PANDORA.TV\PanService\KMPProcess.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(matt.malensek.net) C:\Program Files\3RVX\3RVX.exe
(TopLang Software) C:\Program Files\Password Door\TLPD.EXE
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TorchMedia Inc.) C:\Users\prle\AppData\Local\Torch\Update\TorchCrashHandler.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe
() C:\Windows\Temp\dgen.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Skillbrains) C:\Users\prle\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-19\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [354304 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {86c8e925-e0a4-11e2-938c-6c626d450386} - F:\Setup.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {b1bf8a6b-e025-11e2-9c28-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1003\...\RunOnce: [mctadmin] => C:\Windows\System32\mctadmin.exe [93696 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Fences.lnk
ShortcutTarget: Fences.lnk -> C:\Program Files\Stardock\Fences\Fences.exe (Stardock Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
BootExecute: autocheck autochk * sdnclean.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x00BA1EF6EC73CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = sr-me
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = ${SEARCH_URL}{searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKCU - {32D5563E-5F7D-4739-96F8-18D1390F66B7} URL = http://www.dogpile.com/search/web?fcoid=417&fcop=topnav&fpid=27&ql=&q={searchTerms}
SearchScopes: HKCU - {3A748936-3C4B-4965-A0AA-94D2CA2592F8} URL = http://search.ividi.org/?q={searchTerms}&src=tbsp&id=2cf1ec7b0000000000006c626d450386&affilt=3&r=553
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = http://dts.search.ask.com/sr?src=ieb&gct=ds&appid=.....nrs=AG6&q={searchTerms}
SearchScopes: HKCU - {9E06BDCF-0BDA-468E-B603-AEFD462C9890} URL = http://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=2cf1ec7b0000000000006c626d450386&r=669
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default
FF DefaultSearchEngine: Ask.com
FF SearchEngineOrder.1: Ask.com
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin: @java.com/DTPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.65.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin - C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll No File
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin: TorchVLC - C:\Users\prle\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll (VideoLAN)
FF user.js: detected! => C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\user.js
FF SearchPlugin: C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\Ask.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pogodakyu.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\vokabular.xml
FF Extension: LavaFox V2 - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\info@djzig.com [2014-03-17]
FF Extension: No Name - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\staged [2014-06-21]
FF Extension: Lightweight Themes Manager - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\lwthemes-manager@loucypher.xpi [2014-03-17]
FF Extension: Stylish - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2014-03-17]
FF Extension: YouTube High Definition - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-03-17]
FF Extension: Adblock Plus - C:\Users\prle\AppData\Roaming\Mozilla\Firefox\Profiles\jama4nzo.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-17]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-04-11]

Chrome:
=======
CHR Extension: (NeXtCoup) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnfiknodfamfadimbpboenlekogbbpan [2014-07-20]
CHR Extension: (Skype Click to Call) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-07-19]
CHR Extension: (Google новчаник) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (NeXtCoup) - C:\Users\prle\AppData\Local\Google\Chrome\User Data\Default\Extensions\jnfiknodfamfadimbpboenlekogbbpan\1.0 [2014-07-20]
CHR HKLM\...\Chrome\Extension: [infnpeniaicgjpbmfkbgafklodbpjgjn] - C:\Program Files\MediaViewV1\MediaViewV1alpha391\ch\MediaViewV1alpha391.crx [2014-07-20]
CHR HKLM\...\Chrome\Extension: [lefopkabiomfgkedgnpdbnlpnilcfgho] - C:\Program Files\MediaViewerV1\MediaViewerV1alpha456\ch\MediaViewerV1alpha456.crx [2014-07-20]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-06-20] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-06-20] (Microsoft Corporation)
R2 PanService; C:\Program Files\PANDORA.TV\PanService\KMPService.exe [1922600 2013-07-08] (Pandora.TV)
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [65846 2014-06-28] () [File not signed]
R2 SDScannerService; C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe [3921880 2013-10-15] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe [1042272 2013-09-20] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files\Spybot - Search & Destroy 2\SDWSCSvc.exe [171416 2013-09-13] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TorchCrashHandler; C:\Users\prle\AppData\Local\Torch\Update\TorchCrashHandler.exe [1216520 2014-06-02] (TorchMedia Inc.)

==================== Drivers (Whitelisted) ====================

R3 athur; C:\Windows\System32\DRIVERS\athur.sys [1570304 2012-10-18] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2014-01-18] (DT Soft Ltd)
S3 gggen; C:\Windows\System32\DRIVERS\gggen.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 ggsemc; C:\Windows\System32\DRIVERS\ggsemc.sys [11648 2006-09-28] (Sony Ericsson Mobile Communications) [File not signed]
S3 hcdriver; C:\Windows\System32\DRIVERS\hcdriver.sys [55208 2013-08-21] (Intel Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R1 MpKsl320bb375; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6911C7E5-9675-4AFE-B7F0-09AEB0E0105C}\MpKsl320bb375.sys [39464 2014-07-20] (Microsoft Corporation)
S3 s125bus; C:\Windows\System32\DRIVERS\s125bus.sys [83336 2007-04-24] (MCCI Corporation)
S3 s125mdfl; C:\Windows\System32\DRIVERS\s125mdfl.sys [15112 2007-04-24] (MCCI Corporation)
S3 s125mdm; C:\Windows\System32\DRIVERS\s125mdm.sys [108680 2007-04-24] (MCCI Corporation)
S3 s125mgmt; C:\Windows\System32\DRIVERS\s125mgmt.sys [100488 2007-04-24] (MCCI Corporation)
S3 s125obex; C:\Windows\System32\DRIVERS\s125obex.sys [98696 2007-04-24] (MCCI Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [466008 2014-01-18] (Duplex Secure Ltd.)
S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]
U3 abzcjt2v; C:\Windows\system32\Drivers\abzcjt2v.sys [0 ] (Advanced Micro Devices)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-20 13:48 - 2014-07-20 13:49 - 00016002 _____ () C:\Users\prle\Downloads\FRST.txt
2014-07-20 13:48 - 2014-07-20 13:49 - 00000000 ____D () C:\FRST
2014-07-20 13:48 - 2014-07-20 13:48 - 01080320 _____ (Farbar) C:\Users\prle\Downloads\FRST.exe
2014-07-20 12:09 - 2014-07-20 12:09 - 00000056 _____ () C:\Windows\setupact.log
2014-07-20 12:09 - 2014-07-20 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-20 12:08 - 2014-07-20 12:08 - 00000350 _____ () C:\Windows\PFRO.log
2014-07-20 04:34 - 2014-07-20 04:34 - 00000019 _____ () C:\Users\prle\Desktop\kk.txt
2014-07-20 00:08 - 2014-07-20 00:08 - 02347384 _____ (ESET) C:\Users\prle\Downloads\esetsmartinstaller_enu.exe
2014-07-19 21:36 - 2014-07-19 21:36 - 02735180 _____ () C:\Users\prle\Downloads\USBest PQI fix LowFormat UT163 and UT165.rar
2014-07-19 21:32 - 2014-07-19 21:39 - 00000000 ____D () C:\Program Files\DriverToolkit
2014-07-19 21:32 - 2014-07-19 21:32 - 00000000 ____D () C:\Users\prle\AppData\Local\DriverToolkit
2014-07-19 21:31 - 2014-07-19 21:32 - 02395840 _____ (Megaify Software ) C:\Users\prle\Downloads\driver_setup.exe
2014-07-19 21:04 - 2014-07-19 21:05 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool (2).rar
2014-07-19 21:03 - 2014-07-19 21:04 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool (1).rar
2014-07-19 21:00 - 2014-07-19 21:01 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool.rar
2014-07-19 20:52 - 2014-07-19 20:52 - 00136695 _____ () C:\Users\prle\Downloads\ChipGenius V3.01.rar
2014-07-19 20:32 - 2014-07-20 00:55 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-19 20:32 - 2014-07-19 20:32 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-07-19 20:23 - 2014-07-20 12:09 - 00000000 ____D () C:\Program Files\PCDApp
2014-07-19 20:23 - 2014-07-19 21:39 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-07-19 20:23 - 2014-07-19 20:23 - 00718497 _____ () C:\Windows\unins000.exe
2014-07-19 20:23 - 2014-07-19 20:23 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-07-19 20:22 - 2014-07-19 20:22 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\system32\AniGIF.ocx
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\prle\AppData\Local\MaxiGet Download Manager
2014-07-19 20:21 - 2014-07-19 20:23 - 00236072 _____ () C:\Windows\unins000.dat
2014-07-19 20:21 - 2014-07-19 20:21 - 00456496 _____ (Company limited) C:\Users\prle\Downloads\Chip Genius v3 00 To Rep... USB Disk Enter Here.exe
2014-07-19 20:15 - 2014-07-20 00:55 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-07-19 20:14 - 2014-07-20 00:55 - 00000000 ____D () C:\ProgramData\Adblocker
2014-07-19 20:14 - 2014-07-20 00:37 - 00000000 ____D () C:\ProgramData\25d938b0586d6be2
2014-07-19 20:14 - 2014-07-20 00:34 - 00000000 ____D () C:\ProgramData\priecEchop
2014-07-19 20:14 - 2014-07-20 00:32 - 00000000 ____D () C:\Program Files\priecEchop
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\prle\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\prle\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator
2014-07-19 03:09 - 2014-07-19 03:09 - 09607304 _____ (Microsoft Corporation) C:\Users\prle\Downloads\DefaultPack.EXE
2014-07-19 03:03 - 2014-07-19 03:05 - 00000000 ____D () C:\Windows\system32\Taskman
2014-07-19 03:02 - 2011-03-05 11:52 - 01605901 _____ () C:\Users\prle\Downloads\Task Manager Modder.exe
2014-07-19 02:51 - 2014-07-19 02:51 - 00001091 _____ () C:\Users\prle\Desktop\Auslogics DiskDefrag.lnk
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\ProgramData\Auslogics
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\Program Files\Auslogics
2014-07-19 00:53 - 2014-07-19 00:53 - 00046528 _____ () C:\Users\prle\Downloads\[kickass.to]the.awakening.2011.pal.retail.dvdr.dd5.1.eng.nl.subs.torrent
2014-07-19 00:17 - 2014-07-19 00:17 - 00002095 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-19 00:17 - 2014-07-19 00:17 - 00002083 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-19 00:17 - 2014-07-19 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-19 00:17 - 2013-09-20 10:49 - 00018968 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean.exe
2014-07-18 22:21 - 2014-07-20 12:35 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-18 22:21 - 2014-07-18 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-18 22:21 - 2014-07-18 22:21 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-18 22:21 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-18 22:21 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-18 22:20 - 2014-07-18 22:21 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-18 22:20 - 2014-07-18 22:21 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Malwarebytes
2014-07-18 22:20 - 2014-07-18 22:21 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-18 22:20 - 2014-07-18 22:21 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-18 22:20 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-18 00:11 - 2014-07-18 00:11 - 00001046 _____ () C:\Users\prle\Desktop\Aquarius Soft PC Alarm Clock Pro.lnk
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\Users\Public\Documents\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\ProgramData\Aquarius Soft
2014-07-18 00:10 - 2014-07-18 00:10 - 00000000 ____D () C:\Program Files\Aquarius Soft
2014-07-18 00:06 - 2014-07-18 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Alarm Clock
2014-07-18 00:06 - 2014-07-18 00:10 - 00000000 ____D () C:\Program Files\PC Alarm Clock
2014-07-17 19:37 - 2014-07-17 19:37 - 00001044 _____ () C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
2014-07-17 19:37 - 2014-07-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Truck 18 Wheels
2014-07-17 19:28 - 2014-07-17 19:31 - 00000000 ____D () C:\Users\prle\Documents\18 WoS Extreme Trucker
2014-07-17 19:26 - 2014-07-18 14:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\FreeAudioPack
2014-07-17 19:26 - 2014-07-17 19:26 - 00001252 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free mp3 Wma Converter.lnk
2014-07-17 19:26 - 2014-07-17 19:26 - 00001218 _____ () C:\Users\prle\Desktop\Free Mp3 Wma Converter.lnk
2014-07-17 19:26 - 2014-07-17 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-07-17 19:26 - 2014-07-17 19:26 - 00000000 ____D () C:\Program Files\Free mp3 Wma Converter
2014-07-17 19:26 - 2011-09-29 14:20 - 01986560 _____ (NCT Company Ltd.) C:\Windows\system32\AudFile.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 01212416 _____ (NCT Company Ltd.) C:\Windows\system32\AudioInfos.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00484352 _____ () C:\Windows\system32\lame_enc.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00458752 _____ (NCT Company Ltd.) C:\Windows\system32\AudPlayer.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00348160 _____ (NCT Company Ltd.) C:\Windows\system32\WMAFile.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\msvcr70.dll
2014-07-17 19:26 - 2011-09-29 14:20 - 00116296 _____ () C:\Windows\system32\NCTWMAProfiles.prx
2014-07-17 19:26 - 2011-09-29 14:19 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\MFC71.dll
2014-07-17 19:26 - 2011-09-29 14:19 - 00662288 _____ (Microsoft Corporation) C:\Windows\system32\MSCOMCT2.OCX
2014-07-17 19:26 - 2011-09-29 14:19 - 00348160 _____ (Microsoft Corporation) C:\Windows\system32\msvcr71.dll
2014-07-17 19:26 - 2011-09-29 14:19 - 00224016 _____ (Microsoft Corporation) C:\Windows\system32\TABCTL32.OCX
2014-07-17 19:26 - 2011-09-29 14:19 - 00152848 _____ (Microsoft Corporation) C:\Windows\system32\COMDLG32.OCX
2014-07-17 19:26 - 2011-09-29 14:19 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\MSCMCFR.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00119568 _____ (Microsoft Corporation) C:\Windows\system32\VB6FR.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\VB6STKIT.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\Mscc2fr.dll
2014-07-17 19:26 - 2011-09-29 14:19 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\CMDLGFR.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00021504 _____ (Microsoft Corporation) C:\Windows\system32\TABCTFR.DLL
2014-07-17 19:26 - 2011-09-29 14:19 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\inetfr.DLL
2014-07-17 19:18 - 2014-07-17 19:18 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Free MP3 WMA OGG Converter
2014-07-17 19:14 - 2014-07-17 19:35 - 00000000 ____D () C:\Program Files\18 Wheels Of Steel Extreme Trucker
2014-07-17 19:14 - 2014-07-17 19:14 - 00000000 ____D () C:\Windows\18 Wheels Of Steel Extreme Trucker
2014-07-17 19:12 - 2014-07-17 19:12 - 00000000 ____D () C:\Program Files\Voznja
2014-07-17 19:07 - 2014-07-18 22:14 - 00000000 ____D () C:\Windows\Minidump
2014-07-17 02:12 - 2014-07-17 19:38 - 00000000 ____D () C:\Program Files\Hard Truck 18 Wheels
2014-07-17 02:12 - 2014-07-17 02:12 - 00000000 ____D () C:\Program Files\directx
2014-07-17 01:57 - 2014-07-18 22:22 - 00000000 ____D () C:\Program Files\R.G. Mechanics
2014-07-17 01:25 - 2014-07-17 01:25 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-07-17 01:25 - 2014-07-17 01:25 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-07-17 01:23 - 2014-07-17 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 01:23 - 2014-07-17 01:23 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-17 01:23 - 2014-07-11 03:02 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-17 01:23 - 2014-07-11 02:56 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-17 01:23 - 2014-07-11 02:56 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-17 01:23 - 2014-07-11 02:55 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-16 18:54 - 2009-12-20 12:25 - 00292177 _____ () C:\Users\prle\Desktop\ASK Remover.exe
2014-07-14 18:07 - 2014-07-14 18:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-07-13 13:55 - 2014-07-18 22:18 - 00000000 ____D () C:\Program Files\Format USB Or Flash Drive Software
2014-07-13 13:55 - 2005-06-15 03:00 - 00102400 _____ (TechSmith Corporation) C:\Windows\system32\tsccvid.dll
2014-07-12 15:38 - 2014-07-12 15:43 - 32821888 _____ (PandoraTV) C:\Users\prle\Desktop\KMPlayer_3-9-0-125.exe
2014-07-12 15:03 - 2014-07-19 00:55 - 00000000 ____D () C:\Insidious
2014-07-07 02:49 - 2014-07-19 00:24 - 00000000 ____D () C:\Windows\pss
2014-07-05 13:19 - 2014-07-05 13:19 - 00000000 ____D () C:\Users\prle\Documents\thriXXX
2014-07-05 12:55 - 2014-07-19 00:09 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
2014-07-05 12:55 - 2014-07-05 13:19 - 00000000 ____D () C:\Users\prle\AppData\Roaming\thriXXX
2014-07-05 12:55 - 2014-07-05 12:55 - 00000000 ____D () C:\ProgramData\thriXXX
2014-07-05 12:55 - 2014-07-05 12:55 - 00000000 ____D () C:\Program Files\thriXXX
2014-07-05 12:53 - 2014-07-05 12:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-04 03:15 - 2014-07-18 22:16 - 00000000 ____D () C:\Program Files\Bus Simulator 2008 Demo
2014-07-03 19:47 - 2014-07-18 22:37 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Movies Toolbar
2014-06-26 01:39 - 2014-06-26 01:39 - 00000000 ____D () C:\Users\prle\Desktop\can
2014-06-25 18:11 - 2014-06-25 18:11 - 00000985 _____ () C:\Users\Public\Desktop\Dragon's Prophet.lnk
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon's Prophet
2014-06-25 17:56 - 2014-06-25 18:11 - 00000000 ____D () C:\Program Files\Dragon's Prophet
2014-06-25 14:52 - 2014-06-25 17:55 - 00000000 ____D () C:\Program Files\Dragon
2014-06-25 14:51 - 2014-06-25 18:00 - 00000000 ____D () C:\ProgramData\Solid State Networks

==================== One Month Modified Files and Folders =======

2014-07-20 13:49 - 2014-07-20 13:48 - 00016002 _____ () C:\Users\prle\Downloads\FRST.txt
2014-07-20 13:49 - 2014-07-20 13:48 - 00000000 ____D () C:\FRST
2014-07-20 13:48 - 2014-07-20 13:48 - 01080320 _____ (Farbar) C:\Users\prle\Downloads\FRST.exe
2014-07-20 13:31 - 2013-08-28 17:39 - 00000882 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-20 13:30 - 2013-06-28 13:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-20 12:35 - 2014-07-18 22:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 12:27 - 2013-08-20 21:26 - 01876480 ___SH () C:\Users\prle\Desktop\Thumbs.db
2014-07-20 12:15 - 2013-06-28 12:15 - 00778150 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-20 12:14 - 2009-07-14 06:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-20 12:14 - 2009-07-14 06:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-20 12:12 - 2013-07-23 03:44 - 01326637 _____ () C:\Windows\WindowsUpdate.log
2014-07-20 12:09 - 2014-07-20 12:09 - 00000056 _____ () C:\Windows\setupact.log
2014-07-20 12:09 - 2014-07-20 12:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-20 12:09 - 2014-07-19 20:23 - 00000000 ____D () C:\Program Files\PCDApp
2014-07-20 12:09 - 2014-06-04 21:10 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-07-20 12:09 - 2013-08-28 17:39 - 00000878 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-20 12:09 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-20 12:08 - 2014-07-20 12:08 - 00000350 _____ () C:\Windows\PFRO.log
2014-07-20 04:34 - 2014-07-20 04:34 - 00000019 _____ () C:\Users\prle\Desktop\kk.txt
2014-07-20 03:45 - 2013-07-27 03:03 - 00000374 _____ () C:\Windows\Tasks\update-S-1-5-21-1606030900-3430388029-1771253369-1000.job
2014-07-20 02:40 - 2013-07-27 03:03 - 00000374 _____ () C:\Windows\Tasks\update-sys.job
2014-07-20 01:06 - 2013-09-11 09:19 - 00006656 _____ () C:\Windows\system32\lpcio.dll
2014-07-20 00:56 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Vss
2014-07-20 00:55 - 2014-07-19 20:32 - 00000000 ____D () C:\Program Files\globalUpdate
2014-07-20 00:55 - 2014-07-19 20:15 - 00000000 ____D () C:\ProgramData\Trusted Publisher
2014-07-20 00:55 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\Adblocker
2014-07-20 00:37 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\25d938b0586d6be2
2014-07-20 00:34 - 2014-07-19 20:14 - 00000000 ____D () C:\ProgramData\priecEchop
2014-07-20 00:33 - 2014-02-14 23:22 - 00000738 __RSH () C:\ProgramData\ntuser.pol
2014-07-20 00:32 - 2014-07-19 20:14 - 00000000 ____D () C:\Program Files\priecEchop
2014-07-20 00:08 - 2014-07-20 00:08 - 02347384 _____ (ESET) C:\Users\prle\Downloads\esetsmartinstaller_enu.exe
2014-07-19 21:39 - 2014-07-19 21:32 - 00000000 ____D () C:\Program Files\DriverToolkit
2014-07-19 21:39 - 2014-07-19 20:23 - 00000000 ____D () C:\Users\Public\Documents\GOOBZO
2014-07-19 21:39 - 2013-08-10 23:58 - 00000000 ____D () C:\ProgramData\TEMP
2014-07-19 21:36 - 2014-07-19 21:36 - 02735180 _____ () C:\Users\prle\Downloads\USBest PQI fix LowFormat UT163 and UT165.rar
2014-07-19 21:32 - 2014-07-19 21:32 - 00000000 ____D () C:\Users\prle\AppData\Local\DriverToolkit
2014-07-19 21:32 - 2014-07-19 21:31 - 02395840 _____ (Megaify Software ) C:\Users\prle\Downloads\driver_setup.exe
2014-07-19 21:27 - 2009-07-14 04:04 - 00000580 _____ () C:\Windows\win.ini
2014-07-19 21:26 - 2013-06-28 12:51 - 00000000 ____D () C:\Users\prle\AppData\Roaming\uTorrent
2014-07-19 21:21 - 2013-07-07 06:30 - 00007597 _____ () C:\Users\prle\AppData\Local\Resmon.ResmonCfg
2014-07-19 21:05 - 2014-07-19 21:04 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool (2).rar
2014-07-19 21:04 - 2014-07-19 21:03 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool (1).rar
2014-07-19 21:01 - 2014-07-19 21:00 - 05215420 _____ () C:\Users\prle\Downloads\Urescue 2013 format tool.rar
2014-07-19 20:52 - 2014-07-19 20:52 - 00136695 _____ () C:\Users\prle\Downloads\ChipGenius V3.01.rar
2014-07-19 20:32 - 2014-07-19 20:32 - 00000000 ____D () C:\Users\prle\AppData\Local\globalUpdate
2014-07-19 20:32 - 2013-06-28 12:59 - 00000000 ____D () C:\Program Files\Google
2014-07-19 20:23 - 2014-07-19 20:23 - 00718497 _____ () C:\Windows\unins000.exe
2014-07-19 20:23 - 2014-07-19 20:23 - 00000000 ____D () C:\Users\Public\Documents\YTAHelper
2014-07-19 20:23 - 2014-07-19 20:21 - 00236072 _____ () C:\Windows\unins000.dat
2014-07-19 20:22 - 2014-07-19 20:22 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\Windows\system32\AniGIF.ocx
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-07-19 20:22 - 2014-07-19 20:22 - 00000000 ____D () C:\Users\prle\AppData\Local\MaxiGet Download Manager
2014-07-19 20:21 - 2014-07-19 20:21 - 00456496 _____ (Company limited) C:\Users\prle\Downloads\Chip Genius v3 00 To Rep... USB Disk Enter Here.exe
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\prle\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\prle\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Guest
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-19 20:14 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Administrator
2014-07-19 20:14 - 2013-06-28 12:59 - 00000000 ____D () C:\Users\prle\AppData\Local\Google
2014-07-19 03:09 - 2014-07-19 03:09 - 09607304 _____ (Microsoft Corporation) C:\Users\prle\Downloads\DefaultPack.EXE
2014-07-19 03:05 - 2014-07-19 03:03 - 00000000 ____D () C:\Windows\system32\Taskman
2014-07-19 02:51 - 2014-07-19 02:51 - 00001091 _____ () C:\Users\prle\Desktop\Auslogics DiskDefrag.lnk
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\ProgramData\Auslogics
2014-07-19 02:51 - 2014-07-19 02:51 - 00000000 ____D () C:\Program Files\Auslogics
2014-07-19 00:55 - 2014-07-12 15:03 - 00000000 ____D () C:\Insidious
2014-07-19 00:53 - 2014-07-19 00:53 - 00046528 _____ () C:\Users\prle\Downloads\[kickass.to]the.awakening.2011.pal.retail.dvdr.dd5.1.eng.nl.subs.torrent
2014-07-19 00:26 - 2014-06-04 21:06 - 00000000 ____D () C:\Program Files\Movies Toolbar
2014-07-19 00:26 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\twain_32
2014-07-19 00:24 - 2014-07-07 02:49 - 00000000 ____D () C:\Windows\pss
2014-07-19 00:24 - 2013-06-28 13:09 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Skype
2014-07-19 00:20 - 2014-01-18 20:05 - 00000000 ____D () C:\Program Files\DAEMON Tools Pro
2014-07-19 00:17 - 2014-07-19 00:17 - 00002095 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-07-19 00:17 - 2014-07-19 00:17 - 00002083 _____ () C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2014-07-19 00:17 - 2014-07-19 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-07-19 00:17 - 2014-05-27 00:00 - 00090112 ___SH () C:\Users\prle\Downloads\Thumbs.db
2014-07-19 00:17 - 2014-03-12 21:52 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-19 00:17 - 2014-03-12 21:52 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2014-07-19 00:13 - 2013-07-20 00:15 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-07-19 00:09 - 2014-07-05 12:55 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\thriXXX
2014-07-19 00:09 - 2013-07-07 00:52 - 00000000 ____D () C:\Users\prle\AppData\Local\Unity
2014-07-18 23:14 - 2014-03-09 00:09 - 00000000 ____D () C:\Users\prle\AppData\Local\Facebook
2014-07-18 22:37 - 2014-07-03 19:47 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Movies Toolbar
2014-07-18 22:37 - 2014-02-28 11:59 - 00000000 ____D () C:\Program Files\MediaViewV1
2014-07-18 22:37 - 2014-02-23 23:22 - 00000000 ____D () C:\Program Files\MediaViewerV1
2014-07-18 22:37 - 2014-01-29 21:28 - 00000000 ____D () C:\Users\prle\AppData\Local\genienext
2014-07-18 22:37 - 2014-01-08 19:17 - 00000000 ____D () C:\Users\prle\AppData\Local\Conduit
2014-07-18 22:37 - 2014-01-08 19:17 - 00000000 ____D () C:\Program Files\Conduit
2014-07-18 22:22 - 2014-07-17 01:57 - 00000000 ____D () C:\Program Files\R.G. Mechanics
2014-07-18 22:21 - 2014-07-18 22:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-18 22:21 - 2014-07-18 22:21 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-07-18 22:21 - 2014-07-18 22:20 - 00001024 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-18 22:21 - 2014-07-18 22:20 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Malwarebytes
2014-07-18 22:21 - 2014-07-18 22:20 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-18 22:21 - 2014-07-18 22:20 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-18 22:21 - 2014-03-17 23:13 - 00010494 _____ () C:\Windows\Q-Dir.ini
2014-07-18 22:20 - 2013-06-28 12:40 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-18 22:19 - 2009-07-14 06:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-18 22:18 - 2014-07-13 13:55 - 00000000 ____D () C:\Program Files\Format USB Or Flash Drive Software
2014-07-18 22:18 - 2014-01-29 21:36 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sony Ericsson
2014-07-18 22:18 - 2014-01-29 21:36 - 00000000 ____D () C:\Program Files\Sony Ericsson
2014-07-18 22:16 - 2014-07-04 03:15 - 00000000 ____D () C:\Program Files\Bus Simulator 2008 Demo
2014-07-18 22:16 - 2014-02-01 03:29 - 00000164 _____ () C:\Users\prle\AppData\Roaming\PLGComp.ini
2014-07-18 22:14 - 2014-07-17 19:07 - 00000000 ____D () C:\Windows\Minidump
2014-07-18 22:14 - 2013-06-29 22:52 - 00000000 ____D () C:\Users\prle\AppData\Roaming\DAEMON Tools Pro
2014-07-18 14:07 - 2014-07-17 19:26 - 00000000 ____D () C:\Users\prle\AppData\Roaming\FreeAudioPack
2014-07-18 00:11 - 2014-07-18 00:11 - 00001046 _____ () C:\Users\prle\Desktop\Aquarius Soft PC Alarm Clock Pro.lnk
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\Users\Public\Documents\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aquarius Soft
2014-07-18 00:11 - 2014-07-18 00:11 - 00000000 ____D () C:\ProgramData\Aquarius Soft
2014-07-18 00:10 - 2014-07-18 00:10 - 00000000 ____D () C:\Program Files\Aquarius Soft
2014-07-18 00:10 - 2014-07-18 00:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Alarm Clock
2014-07-18 00:10 - 2014-07-18 00:06 - 00000000 ____D () C:\Program Files\PC Alarm Clock
2014-07-17 19:43 - 2013-08-10 23:58 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-07-17 19:38 - 2014-07-17 02:12 - 00000000 ____D () C:\Program Files\Hard Truck 18 Wheels
2014-07-17 19:37 - 2014-07-17 19:37 - 00001044 _____ () C:\Users\Public\Desktop\Hard Truck 18 Wheels of Steel.lnk
2014-07-17 19:37 - 2014-07-17 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Truck 18 Wheels
2014-07-17 19:35 - 2014-07-17 19:14 - 00000000 ____D () C:\Program Files\18 Wheels Of Steel Extreme Trucker
2014-07-17 19:31 - 2014-07-17 19:28 - 00000000 ____D () C:\Users\prle\Documents\18 WoS Extreme Trucker
2014-07-17 19:26 - 2014-07-17 19:26 - 00001252 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free mp3 Wma Converter.lnk
2014-07-17 19:26 - 2014-07-17 19:26 - 00001218 _____ () C:\Users\prle\Desktop\Free Mp3 Wma Converter.lnk
2014-07-17 19:26 - 2014-07-17 19:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Pack
2014-07-17 19:26 - 2014-07-17 19:26 - 00000000 ____D () C:\Program Files\Free mp3 Wma Converter
2014-07-17 19:18 - 2014-07-17 19:18 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Free MP3 WMA OGG Converter
2014-07-17 19:14 - 2014-07-17 19:14 - 00000000 ____D () C:\Windows\18 Wheels Of Steel Extreme Trucker
2014-07-17 19:12 - 2014-07-17 19:12 - 00000000 ____D () C:\Program Files\Voznja
2014-07-17 02:12 - 2014-07-17 02:12 - 00000000 ____D () C:\Program Files\directx
2014-07-17 01:34 - 2013-08-28 17:40 - 00002091 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-17 01:25 - 2014-07-17 01:25 - 00000000 ____D () C:\ProgramData\SystemRequirementsLab
2014-07-17 01:25 - 2014-07-17 01:25 - 00000000 ____D () C:\Program Files\SystemRequirementsLab
2014-07-17 01:23 - 2014-07-17 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-07-17 01:23 - 2014-07-17 01:23 - 00000000 ____D () C:\Program Files\Common Files\Java
2014-07-17 01:23 - 2014-01-05 02:22 - 00000000 ____D () C:\ProgramData\Oracle
2014-07-17 01:23 - 2013-07-06 17:01 - 00000000 ____D () C:\Program Files\Java
2014-07-15 18:27 - 2014-06-04 21:10 - 00001397 _____ () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-07-14 22:23 - 2014-06-04 21:09 - 00000000 ____D () C:\Users\prle\AppData\Local\Torch
2014-07-14 18:07 - 2014-07-14 18:07 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch
2014-07-13 13:04 - 2014-01-13 19:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2014-07-13 13:04 - 2014-01-13 19:14 - 00000000 ____D () C:\ProgramData\TP-LINK
2014-07-12 15:43 - 2014-07-12 15:38 - 32821888 _____ (PandoraTV) C:\Users\prle\Desktop\KMPlayer_3-9-0-125.exe
2014-07-12 15:37 - 2009-07-14 04:37 - 00000000 ___RD () C:\Users\Public
2014-07-11 03:02 - 2014-07-17 01:23 - 00096680 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-07-11 02:56 - 2014-07-17 01:23 - 00272808 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-07-11 02:56 - 2014-07-17 01:23 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-07-11 02:55 - 2014-07-17 01:23 - 00175528 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-07-07 02:48 - 2013-06-28 13:11 - 00000000 ____D () C:\Users\prle\AppData\Roaming\Winamp
2014-07-05 14:26 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-07-05 13:19 - 2014-07-05 13:19 - 00000000 ____D () C:\Users\prle\Documents\thriXXX
2014-07-05 13:19 - 2014-07-05 12:55 - 00000000 ____D () C:\Users\prle\AppData\Roaming\thriXXX
2014-07-05 12:59 - 2013-07-19 13:46 - 00000102 _____ () C:\Users\prle\AppData\default.pls
2014-07-05 12:55 - 2014-07-05 12:55 - 00000000 ____D () C:\ProgramData\thriXXX
2014-07-05 12:55 - 2014-07-05 12:55 - 00000000 ____D () C:\Program Files\thriXXX
2014-07-05 12:55 - 2013-07-07 16:28 - 00000000 ____D () C:\Windows\system32\directx
2014-07-05 12:53 - 2014-07-05 12:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-06-26 01:39 - 2014-06-26 01:39 - 00000000 ____D () C:\Users\prle\Desktop\can
2014-06-25 18:11 - 2014-06-25 18:11 - 00000985 _____ () C:\Users\Public\Desktop\Dragon's Prophet.lnk
2014-06-25 18:11 - 2014-06-25 18:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon's Prophet
2014-06-25 18:11 - 2014-06-25 17:56 - 00000000 ____D () C:\Program Files\Dragon's Prophet
2014-06-25 18:00 - 2014-06-25 14:51 - 00000000 ____D () C:\ProgramData\Solid State Networks
2014-06-25 17:55 - 2014-06-25 14:52 - 00000000 ____D () C:\Program Files\Dragon

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-19 22:33

==================== End Of Log ============================

Addition (attachment)

Addendum: 20 Jul 2014 13:57

It is holding at 100% again - http://prntscr.com/44i867
The screenshot shows the tabs and startup icons, which should not cause 100% CPU usage.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2
  • Joined: 27 Apr 2008
  • Posts: 9160
  • Location: Prokuplje

Hello.


1. Open Notepad (Text Document) and copy in the following text from the code box below:

Start
Task: {289748CA-3237-4995-8854-45EAF3A9A557} - System32\Tasks\Installer_iwebar => C:\Users\prle\AppData\Local\Temp\nsg7E0E.tmp\setup.exe <==== ATTENTION
Task: {3904E296-C86F-4D11-8FFF-A1EA54377EA3} - System32\Tasks\At2 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
Task: {5C89233A-E694-4B45-B64C-6272070EC673} - System32\Tasks\At1 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
() C:\Windows\Temp\dgen.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {86c8e925-e0a4-11e2-938c-6c626d450386} - F:\Setup.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {b1bf8a6b-e025-11e2-9c28-806e6f6e6963} - E:\Autorun.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [65846 2014-06-28] () [File not signed]
C:\Program Files\PCDApp\StartHelp.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
End


2. Save the Notepad file to the Desktop under the name fixlist.txt
You can also do this from Notepad itself => click File, then Save As, and in the new window, under File Name: at the bottom, enter fixlist.txt as the name.
Note: It is important that both files, FRST and fixlist, are in the same location, otherwise the fix will not work.

3. Run FRST/FRST64 again, click the Fix button once and wait.
If the tool asks for a system restart, allow it and make sure the tool completes the fix after the restart.



The tool will create a log (Fixlog.txt) on the Desktop. Copy the contents of that log into your reply.
Note: If the tool warns you that a newer version exists, make sure you download and use the updated copy of FRST.





*********************





Download AdwCleaner by "Xplode" and save it to the Desktop.

Double-click to run the program.
Click the [Scan] button and wait for the program to finish.
Click the [Clean] button.
The program will close all running programs and show a window with that warning. Click Ok to confirm.
In the next two windows that open (Informations and Restart required), click Ok.


The computer will restart and then open Notepad (C:\AdwCleaner[S1].txt) with the report.
Save that Notepad file to the Desktop and attach it to your reply using the "Prikaci fajl" (Attach file) option.

Note: The report will also be saved at C:\AdwCleaner[S0].txt

offline
  • Absolut Gut

The 'FixLog' report after the restart.
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:20-07-2014
Ran by prle at 2014-07-20 14:50:52 Run:1
Running from D:\Nova fascikla
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
Start
Task: {289748CA-3237-4995-8854-45EAF3A9A557} - System32\Tasks\Installer_iwebar => C:\Users\prle\AppData\Local\Temp\nsg7E0E.tmp\setup.exe <==== ATTENTION
Task: {3904E296-C86F-4D11-8FFF-A1EA54377EA3} - System32\Tasks\At2 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
Task: {5C89233A-E694-4B45-B64C-6272070EC673} - System32\Tasks\At1 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
() C:\Windows\Temp\dgen.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {86c8e925-e0a4-11e2-938c-6c626d450386} - F:\Setup.exe
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\...\MountPoints2: {b1bf8a6b-e025-11e2-9c28-806e6f6e6963} - E:\Autorun.exe
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
S2 ProtectMonitor; C:\Program Files\PCDApp\StartHelp.exe [65846 2014-06-28] () [File not signed]
C:\Program Files\PCDApp\StartHelp.exe
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
End
*****************

'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{289748CA-3237-4995-8854-45EAF3A9A557}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{289748CA-3237-4995-8854-45EAF3A9A557}' => Key deleted successfully.
C:\Windows\System32\Tasks\Installer_iwebar => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Installer_iwebar' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3904E296-C86F-4D11-8FFF-A1EA54377EA3}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3904E296-C86F-4D11-8FFF-A1EA54377EA3}' => Key deleted successfully.
C:\Windows\System32\Tasks\At2 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At2' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C89233A-E694-4B45-B64C-6272070EC673}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C89233A-E694-4B45-B64C-6272070EC673}' => Key deleted successfully.
C:\Windows\System32\Tasks\At1 => Moved successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\At1' => Key deleted successfully.
[5996] C:\Windows\Temp\dgen.exe => Process closed successfully.
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
'HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{86c8e925-e0a4-11e2-938c-6c626d450386}' => Key deleted successfully.
'HKCR\CLSID\{86c8e925-e0a4-11e2-938c-6c626d450386}'=> Key not found.
'HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b1bf8a6b-e025-11e2-9c28-806e6f6e6963}' => Key deleted successfully.
'HKCR\CLSID\{b1bf8a6b-e025-11e2-9c28-806e6f6e6963}'=> Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => value deleted successfully.
"c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll" => File/Directory not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
ProtectMonitor => Service deleted successfully.
C:\Program Files\PCDApp\StartHelp.exe => Moved successfully.
C:\Windows\Tasks\At1.job => Moved successfully.
C:\Windows\Tasks\At2.job => Moved successfully.


The system needed a reboot.

==== End of Fixlog ====

-------------------------------------------------
Reports from 'Xplode'
(Scan) - attachment
(Fix) - attachment
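
One way to review a Fixlog.txt like the one posted above, as an added example that is not part of the original thread or of FRST: the Python below parses the result lines, groups them by persistence mechanism, and lists the targets the fix did not find. The function names and category labels are assumptions of this example; the sample lines are copied from the log in this thread.

```python
import re
from collections import Counter

# Result lines copied from the Fixlog.txt posted in this thread, preceded by
# one echoed fixlist line to show that fixlist content is not counted.
SAMPLE_FIXLOG = r"""
Content of fixlist:
Start
Task: {3904E296-C86F-4D11-8FFF-A1EA54377EA3} - System32\Tasks\At2 => C:\Users\prle\AppData\Roaming\BCWorker.exe <==== ATTENTION
End
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3904E296-C86F-4D11-8FFF-A1EA54377EA3}' => Key deleted successfully.
C:\Windows\System32\Tasks\At2 => Moved successfully.
[5996] C:\Windows\Temp\dgen.exe => Process closed successfully.
HKU\S-1-5-21-1606030900-3430388029-1771253369-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => value deleted successfully.
'HKCR\CLSID\{86c8e925-e0a4-11e2-938c-6c626d450386}'=> Key not found.
HKLM\System\CurrentControlSet\Control\Session Manager\AppCertDlls\\x64 => value deleted successfully.
"c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll" => File/Directory not found.
'HKLM\SOFTWARE\Policies\Google' => Key deleted successfully.
ProtectMonitor => Service deleted successfully.
C:\Program Files\PCDApp\StartHelp.exe => Moved successfully.
C:\Windows\Tasks\At2.job => Moved successfully.
"""

# A result line is "<target> => <outcome>." where the outcome ends in
# "successfully" or "not found"; an optional "[pid]" precedes a closed process.
RESULT_RE = re.compile(
    r"^(?:\[(?P<pid>\d+)\]\s+)?(?P<target>.+?)\s*=>\s*"
    r"(?P<outcome>[^=<>]*?(?:successfully|not found))\.\s*$"
)


def classify(target, outcome):
    """Map one result to the autostart/persistence area it belongs to."""
    t = target.lower()
    if outcome.startswith("Service"):
        return "service"
    if outcome.startswith("Process"):
        return "process"
    if "schedule\\taskcache" in t or "\\tasks\\" in t:
        return "scheduled task"
    if "\\currentversion\\run\\" in t:
        return "Run key"
    if "mountpoints2" in t:
        return "MountPoints2"
    if "appcertdlls" in t:
        return "AppCertDlls"
    if "\\policies\\" in t or "\\grouppolicy\\" in t:
        return "policy"
    if t.startswith(("hklm\\", "hku\\", "hkcr\\")):
        return "registry (other)"
    return "file"


def parse_fixlog(text):
    """Return one dict per result line; header and fixlist lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = RESULT_RE.match(line.strip())
        if not m:
            continue
        target = m.group("target").strip("'\"")
        outcome = m.group("outcome").strip()
        entries.append({
            "pid": int(m.group("pid")) if m.group("pid") else None,
            "target": target,
            "outcome": outcome,
            "category": classify(target, outcome),
        })
    return entries


def summarize(entries):
    """Count results per category."""
    return Counter(e["category"] for e in entries)


def not_found(entries):
    """Targets the fix could not find; confirm in a fresh scan that they are gone."""
    return [e["target"] for e in entries if e["outcome"].endswith("not found")]


if __name__ == "__main__":
    parsed = parse_fixlog(SAMPLE_FIXLOG)
    for category, count in sorted(summarize(parsed).items()):
        print(f"{category:18} {count}")
    for target in not_found(parsed):
        print("not found:", target)
```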

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2

What is the situation now?

offline
  • Absolut Gut

I just pushed it a bit and it works great, YouTube runs as smooth as butter. Here is a screenshot:
http://prntscr.com/44iqth
It has undergone a spiritual transformation. Well done, cheers.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2

The following procedure performs the final cleanup.

Download the DelFix tool by "Xplode" and save it to the Desktop.
Double-click to run the tool and tick the boxes in front of the following options:

Remove disinfection tools
Create registry backup
Purge System Restore


Click the Run button and wait a moment until the tool finishes its work.
From this point on, all the tools used in this thread should be deleted.
The tool will also create a report for you. (C:\DelFix.txt)

The tool will also save the healthy state of the registry and make a backup using the integrated program "ERUNT" in %windir%\ERUNT\DelFix
The tool deletes old System Restore points and creates a new, fresh point after the cleanup.

offline
  • Absolut Gut

Posted: 20 Jul 2014 15:22

That's it. At idle it stays at 25, no more. Thanks once again.

Addendum: 20 Jul 2014 15:33

Could this be part of the cause of the problem? I just came across it by accident..
http://prntscr.com/44iug9

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2

No, that is some driver; you should reinstall it.

Ask about that on the Windows forum.


If I understood you correctly, you no longer have a problem with the CPU.

offline
  • Absolut Gut

I just thought it might have something to do with the processor. I would have dropped dead on the spot.

I no longer have any problems with the CPU, it is solved; I pushed it just now and it stays at a maximum of 60, not above.

rip
  • argus  Male
  • Anti Malware Fighter
    Rank 2

That has nothing to do with it; that driver was not installed when the OS was installed.

I told you to ask on the Windows forum; someone will tell you what to install so that all drivers show up properly in DM.
